Feb 03, 2012

GTM: named daemon listening on port 53 instead of GTM???




We are using the F5 GTM for intelligent DNS load balancing.



The named daemon listens on port 53 and catches all DNS traffic; I would have expected to see the GTM process listening instead. How is the interaction done between named and the GTM process so that a decision can be made if the GTM should intercept the DNS request (or not)?




This seems to indicate two possibilities:


1) The named binary has been modified by F5


2) There is a redirection in the named.conf




Here's what I'm basing my analysis on:



[root@pradnspub01:Active] config netstat -anp|awk '/:53/'
tcp 0 0* LISTEN 1414/named
tcp 0 0 ESTABLISHED 1088/gtmd
tcp 0 0 ::1:53 :::* LISTEN 1414/named
udp 0 0* 1414/named
udp 0 0 ::1:53 :::* 1414/named
[root@pradnspub01:Active] config




Thanks in advance.


  • Hi barneyrudd,



    netstat doesn't show the virtual servers or listeners which TMM uses to handle DNS queries. TMM / GTM do answer queries and only hand off to BIND if configured to do so.



    You can use b conn or tmsh show sys conn to check for connections to the virtual servers / WIPs / listeners.



  • Hi,



    Thanks for the response and information. I've realised that I misinterpreted the netstat output: the named daemon wasn't listening on all interfaces, it was actually only listening on the IPv6 loopback address (::1).



    ==> udp 0 0 ::1:53 :::* 1414/named
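
Added example, not part of the thread and not F5 tooling: a small shell/awk filter that reads `netstat -anp` text and reports, for each socket listening on exactly port 53, whether it is bound to loopback, to all interfaces, or to one specific address. The function names, the sample lines and the `exampled` process are constructed for illustration; as the reply above notes, netstat only covers host sockets, so TMM listeners still have to be checked with `b conn` or `tmsh show sys conn`.

```shell
#!/bin/sh
# Added example: classify DNS (port 53) listening sockets from `netstat -anp`
# text on stdin as loopback, wildcard (all interfaces) or a specific address.

classify_dns_listeners() {
    awk '
    # Only socket rows; this skips the header lines netstat prints.
    $1 !~ /^(tcp|udp)6?$/ { next }
    {
        proto = $1; laddr = $4; faddr = $5; prog = $NF
        # TCP: keep only sockets in LISTEN. UDP rows have no state column,
        # so a listening socket is one whose peer address is a wildcard.
        if (proto ~ /^tcp/ && $6 != "LISTEN") next
        if (proto ~ /^udp/ && faddr !~ /:\*$/) next

        # The port is the text after the LAST colon: "::1:53" is ::1 port 53.
        n = split(laddr, part, ":")
        port = part[n]
        addr = substr(laddr, 1, length(laddr) - length(port) - 1)
        if (port != "53") next   # exact match; a /:53/ pattern also hits :5353

        if (addr == "::1" || addr ~ /^127\./)        scope = "loopback"
        else if (addr == "0.0.0.0" || addr == "::")  scope = "wildcard"
        else                                         scope = "specific"
        print scope, proto, addr, prog
    }'
}

# Number of port-53 listeners reachable from other hosts (not loopback).
count_exposed() {
    classify_dns_listeners | awk '$1 != "loopback" { n++ } END { print n + 0 }'
}

# Constructed sample input (not the poster's real output).
SAMPLE='Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1414/named
tcp 0 0 192.0.2.10:41000 192.0.2.20:53 ESTABLISHED 1088/gtmd
tcp 0 0 ::1:53 :::* LISTEN 1414/named
udp 0 0 ::1:53 :::* 1414/named
udp 0 0 0.0.0.0:5353 0.0.0.0:* 2001/exampled
udp 0 0 0.0.0.0:53 0.0.0.0:* 2002/exampled'

printf '%s\n' "$SAMPLE" | classify_dns_listeners
```

On a live host, pipe `netstat -anp` into `classify_dns_listeners` in place of the sample text.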