
Check how each DNS Server is doing.

NOTE: DNS can use UDP or TCP port 53

Zone transfers use TCP

Queries use UDP

ALSO DNS is considered Layer7 (Application Layer)

 

ARCHITECTURE EXAMPLE

External/Internet Facing

Utilize F5 BIG-IP DNS (GTM) as the name server since they are practically impossible to kill

Internal/Intranet

Utilize Infoblox with a minimum of two DNS Views (Internal DNS View for intranet only DNS and External DNS View for internet only)

REFERENCE LOGICAL DIAGRAM BELOW

<insert photo>

 

Of course, DNS can be configured in many different ways, but let's concentrate on external DNS for now. Internal DNS gets complicated with Microsoft Active Directory, using F5 BIG-IP DNS (GTM) for WideIPs, leveraging Anycast, and then dealing with DDNS. As you can see, internal DNS is much more complicated than external DNS.

To add an External facing DNS Domain (adding a subdomain is the same process)

First, create the new external domain in Infoblox.  I personally like using the CSV import process that Infoblox supports.  You populate a CSV like this one here, then go into Infoblox and import the CSV to create the domain (or subdomain).  Using the same process (just a different CSV), I would add any records that belong in that new domain.

Second, create the new external domain on your F5 BIG-IP DNS with a tmsh command. Before you can run it, you need to know a couple of things.

You need to know which name servers defined on your F5 device point to the IP address of your Infoblox GridMaster.  You can identify them by running this command:

iSupport@(mifnt1slbgtm03)(cfg-sync Standalone)(Active)(/Common)(tmos)# list ltm dns nameserver
ltm dns nameserver dnsx_server_0 {
    address 10.11.12.205
    route-domain 0
    tsig-key Sup3Rs3CreT
}
ltm dns nameserver dnsx_server_1 {
    address 10.11.12.205
    route-domain 0
}


With the name server identified, create the zone:

tmsh create ltm dns zone eventguyz.com dns-express-server dnsx_server_0 dns-express-notify-tsig-verify no

Explanation

dns-express-server

 

TSIG Notes

Use transaction signature (TSIG) keys to authenticate communications about zone transfers between the BIG-IP system and authoritative DNS servers, and between the BIG-IP system and DNS nameservers (clients).
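
As an added example (not from the original post or from F5), this Python script parses `list ltm dns nameserver` output like the listing above and reports name servers with no tsig-key and zones created with dns-express-notify-tsig-verify no. The zone stanza in the sample is constructed, on the assumption that `list ltm dns zone` prints the same properties used in the create command; the function names are hypothetical.

```python
import re

# Constructed sample: the two nameserver stanzas are the ones listed on this page;
# the zone stanza is an assumed `list ltm dns zone` rendering of the create command.
SAMPLE = """\
ltm dns nameserver dnsx_server_0 {
    address 10.11.12.205
    route-domain 0
    tsig-key Sup3Rs3CreT
}
ltm dns nameserver dnsx_server_1 {
    address 10.11.12.205
    route-domain 0
}
ltm dns zone eventguyz.com {
    dns-express-notify-tsig-verify no
    dns-express-server dnsx_server_0
}
"""

# Flat (non-nested) stanzas only: header line, property lines, closing brace.
STANZA = re.compile(r"^ltm dns (nameserver|zone) (\S+) \{\n(.*?)^\}", re.M | re.S)

def parse(text):
    """Return {'nameserver': {name: props}, 'zone': {name: props}}."""
    out = {"nameserver": {}, "zone": {}}
    for kind, name, body in STANZA.findall(text):
        lines = map(str.strip, body.splitlines())
        out[kind][name] = dict(l.split(None, 1) for l in lines if " " in l)
    return out

def audit(text):
    """List (object, finding) pairs for transfers or NOTIFYs not covered by TSIG."""
    cfg, findings = parse(text), []
    for name, props in cfg["nameserver"].items():
        if "tsig-key" not in props:
            findings.append((name, "nameserver has no tsig-key"))
    for name, props in cfg["zone"].items():
        if props.get("dns-express-notify-tsig-verify") == "no":
            findings.append((name, "NOTIFY TSIG verification disabled"))
        server = props.get("dns-express-server")
        if server and "tsig-key" not in cfg["nameserver"].get(server, {}):
            findings.append((name, f"dns-express-server {server} has no tsig-key"))
    return findings

if __name__ == "__main__":
    for obj, finding in audit(SAMPLE):
        print(f"{obj}: {finding}")
```

Paste the real output of both list commands into one text file and pass its contents to `audit()` in place of `SAMPLE`.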
