DNS Resolving Queries with F5 Local Bind

The DNS Resolving Queries with F5 Local Bind is an important topic for network professionals looking to enhance their DNS management skills. F5 Local Bind allows organizations to resolve DNS queries efficiently by utilizing the local BIND service within the F5 environment.

By understanding how to configure and manage this service, you can optimize DNS resolution processes and improve overall network performance. Engaging in F5 Networks training will provide you with the necessary knowledge and hands-on experience to effectively implement F5 Local Bind in your organization.

In this article, we will explore the key steps and best practices for setting up DNS resolving queries using F5 Local Bind.

Tasks

• Create a zone.

• Verify zone creation with Zone Runner.

• Configure for a zone transfer.

• Use nslookup to resolve a query

F5 LTM Online TrainingJoin the Live Training Class on F5 LTM.Explore course

Explanation:

Local BIND server configuration is managed by BIG-IP F5 DNS system ZoneRunner utility. From remote DNS servers, you can create new zones or transfer current zones using the F5 DNS ZoneRunner utility.

Resource records contained within a zone can be added or modified. After the DNS zone exists in local BIND, you can configure the BIG-IP DNS system to answer DNS name resolution requests or zone transfers to other name servers.

This section will give you configuration details on how to transfer zones in F5 DNS.

Configuration

Primary Zone Configuration

• Create a primary DNS zone as below

Once you are done click on Finished.

A Record Configuration

● Create an A record according to the mentioned diagram

Once you are done click on Finished.

Create Other A Records

Create 5 more A records using the information in the following table.

NS Record Configuration

● Create an NS record as below

Click on Finished

MX Record Configuration

● Create a MX record as below

Click on Finished

CNAME Record Configuration

● Create a CNAME record as below

In order to verify the records, you have created go to DNS 8 Zones: Zone Runner: Resource Record List

Then click on Search

The above gui output will list you all the records you have created

Examine the zone database file:

● Cd /var/named/config/namedb

● Less db.external.uninets.com.

Above mentioned commands will help verify the records on CLI

Verification:

Go to the management PC take the command prompt and do the nslookup

First check the server IP address and then do the NSLOOKUP

Port Lockdown Settings

Listeners process DNS queries directed to port 53, but will not process zone transfers.  Port 53, both UDP and TCP, must be open on 10.10.X.1 for a zone transfer to succeed.

● Modify the self IP address 10.X.1 on your BIG-IP DNS system to also allow access for zone transfers via UDP port 53 and TCP 53.

Then leave rest default and click on Finished

Secondary Zone Configuration

● Create a Secondary DNS zone as below

Allow Zone Transfer from uninets1.com

● Allow zone transfers from uninets1.com as below

Go to the uninets.com zone and allow zone transfer to any as below

Rest leave as is and click on Update.

Now verify whether you can see the secondary zone created on not

Go to the CLI and give more /var/named/config/named.confupon doing so you may find the uninets1.com in the configuration