1 Transparent DNS query intercept

Redirect the client queries to a proxy DNS server and send the reply unchanged. The ServerIron ADX redirects the client request to the alternate DNS server and sends the response, as is, to the client. The alternate DNS server could be a ServerIron ADX configured for GSLB, in which case the reply has the best address(es) for the client.

Directly respond to client queries using the IP addresses configured for the domain. The ServerIron ADX does not forward or redirect the query to the actual or proxy DNS servers. Instead, it directly responds to the client by applying GSLB policy to pick the best IP address from among the IP list configured for the domain.

NOTE

A ServerIron ADX configured for transparent intercept redirects or directly responds to client requests only for domain configured on the ServerIron ADX. If the domain name requested by the client is not configured on the ServerIron ADX, it forwards the query to the actual DNS server without intercepting, and the reply is untouched by GSLB.

Example

Figure 6 shows an example of a configuration that uses transparent DNS query intercept. In this example, the ServerIron ADX is configured to intercept all client queries to the zone brocade.com and redirect them to the proxy DNS server and apply GSLB on the reply. The ServerIron ADX uses its configured source-ip to make sure the DNS reply from the proxy server comes to it.

The client’s local DNS server sends a recursive query for brocade.com to the authoritative DNS server (209.157.23.130).

The ServerIron ADX intercepts and redirects client query to proxy DNS server (209.200.22.100).

The proxy DNS server sends response back to the ServerIron ADX’s source IP address (209.157.23.100).

The ServerIron ADX changes the source address in the reply to the authoritative DNS server’s address and the destination address from the ServerIron ADX’s source-IP to the client’s IP address.

The client receives the DNS response with the authoritative DNS server’s source IP address. The ServerIron ADX’s interception and redirection is transparent to the client.

FIGURE 6 Transparent DNS query intercept configuration

96

ServerIron ADX Global Server Load Balancing Guide

 

53-1002437-01

Page 107 Page 109
Page 108
Image 108
Brocade Communications Systems 12.4.00 manual Transparent DNS query intercept configuration
Page 107 Page 109
Top Page Image Contents