Giammarco
Mar 07, 2018Nimbostratus
Zonerunner Issue
Hi guys,
i'm trying to solve two big issue using my F5 as master DNS.
First: i want to forward a full PTR network (in my case a /16) to another BIND but it doesn't seems to work. PTR are resolved only if F5 is the master. Is a supported feature or not? If I configure same forward on a normal BIND it works
Second: i'm forwarding an *.local domain to my AD servers but i've found that every time I do a dig using F5 VIP it reports back also authority section and this create issue using particular services
here is an example:
dig @ AD server output:
; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7_4.2 <<>> @10.10.10.200 test.local
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44844
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;test.local. IN A
;; ANSWER SECTION:
test.local. 600 IN A 10.x.x.x
test.local. 600 IN A 192.168.x.x
dig @ F5 (that forwards to AD server):
; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7_4.2 <<>> @10.10.10.201 test.local
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44763
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 13, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.local. IN A
;; ANSWER SECTION:
test.local. 600 IN A 10.x.x.x
test.local. 600 IN A 192.168.x.x
;; AUTHORITY SECTION:
. 71938 IN NS f.root-servers.net.
. 71938 IN NS c.root-servers.net.
. 71938 IN NS a.root-servers.net.
. 71938 IN NS b.root-servers.net.
. 71938 IN NS d.root-servers.net.
. 71938 IN NS g.root-servers.net.
. 71938 IN NS e.root-servers.net.
. 71938 IN NS h.root-servers.net.
. 71938 IN NS l.root-servers.net.
. 71938 IN NS m.root-servers.net.
. 71938 IN NS i.root-servers.net.
. 71938 IN NS k.root-servers.net.
. 71938 IN NS j.root-servers.net.
My F5 are running LTMOS 11.6.1 HF1 Any help is very appreciated!
Thanks