DNS Express Flashcards
What is DNS Express?
DNS Express is an engine that provides the ability for the BIG-IP system to act as a high-speed, authoritative DNS server. With DNS Express configured, the BIG-IP system can answer DNS queries for a DNS zone and respond to zone transfer requests from specified DNS nameservers (clients). Additionally, zone transfer communications can be secured with TSIG keys.
What are the two types of design implementations using DNS Express?
1) Off box BIND
2) On box BIND
How does off box BIND work?
Zone transfers are done between the BigIP DNS and the internal authoritative dns servers. If the BigIP DNS does not have the information for the query, it will send the query to the local authoritative dns servers.
How does on box BIND work?
This is part of the DNS express engine where BIND is configured on BigIP DNS and it will answer queries for wideips. It will do a zone transfer with the internal dns server and become the authoritative bind server. Any queries that it does not know will be fowarded to the internal bind server.
Explain how the deployment of Delegating DNS domain to BigIP DNS works?
In order to do this, you must set up a delegated zone on the internal authoritative dns server, ns records that point to the listener ips on the BigIP DNS, and a CNAME configured to point to the delegated zone. A wideip must be configured as an A record pointing to the CNAME.
Explain how the deployment of Replacing DNS server with BigIP DNS works?
When replacing the internal authoritative DNS server the following must happen:
1) Create a zone
2) Do a zone transfer
3) Create a self-ip using the same ip of the internal DNS server.
4) Shutdown the internal dns server interface with the ip.
5) Designate the BigIP DNS as the primary server for the zone.
Explain how the deployment of Redirecting DNS Queries using a cname pool works?
When you want to redirect DNS queries for a web site to a different web site, create a wide IP that represents the original web site, and add a pool configured with a CNAME type to the wide IP with an A record type to redirect the requests to the new destination.
Explaing how the deployment of Placing BigIP DNS in front of a dns server works?
You can use BIG-IP® DNS as a traffic screener in front of an existing DNS server. With this setup, all DNS traffic flows through BIG-IP DNS. Listeners that you configure on BIG-IP DNS verify incoming DNS queries. If the query is for a wide IP, BIG-IP DNS resolves the request. If the query is for a destination that does not match a wide IP or for an IP address that is not configured on BIG-IP DNS, the system forwards the query to the specified DNS server for resolution. When forwarding a query, BIG-IP DNS transforms the source address to a self IP address on BIG-IP DNS.
Explain how the deployment of Placing BigIP DNS in front of a pool of dns servers works?
- Create an unique to the BigIP DNS ip listener.
- Under the listener configuration, specify a pool (pool already created with the dns servers to be load balanced).
All traffic flows will go through the BigIP DNS.
- Under the listener configuration, specify a pool (pool already created with the dns servers to be load balanced).
What is screening mode?
This is part of the deployment of placing the BigIP DNS in front of the dns servers.
It offers:
1) DNS query validation
2) DNSSEC
3) Transparent caching
Where would you enabled DNS Express?
Local Traffic ›› Profiles : Services : DNS
