ServerIron ADX Global Server Load Balancing Guide 99
53-1002437-01
Transparent DNS query intercept 1
This command configures a virtual server that has the DNS server’s actual IP address. When the
ServerIron ADX receives a DNS query addressed to the DNS server IP address, the ServerIron ADX
intercepts the packet instead of forwarding it to the DNS server. The intercept parameter is
required and indicates that you want to use the virtual server for intercepting DNS queries. This
parameter also instructs the ServerIron ADX to ignore ARP requests and pings to the address. The
ServerIron ADX needs to ignore ARPs and pings to the address because the address still belongs to
the authoritative DNS server. Without the intercept parameter, the ServerIron ADX will respond to
ARPs and pings to the virtual server’s IP address.
Syntax: [no] bind dns <real-server-name> dns
This command binds the real server (the alternative DNS server) to the virtual server (the
intercepted authoritative DNS server). This command creates an entry in the ServerIron ADX’s port
binding table that allows the ServerIron ADX to redirect DNS traffic sent to the authoritative DNS
server to the alternative DNS server.
Syntax: [no] gslb dns zone-name <name>
This command specifies the zone for which you want to intercept queries. The ServerIron ADX
intercepts and redirects DNS queries only for the zones you specify, and forwards all other client
queries to the authoritative DNS server.
Syntax: [no] host-info <host-name> <host-application> | <tcp/udp-portnum>
This command specifies the host application on the zone you specified above.
Syntax: ip policy <index> cache udp dns global
This command enables the ServerIron ADX to examine incoming DNS packets. This command is
required.
Redirecting queries and performing GSLB
To configure transparent DNS query intercept to redirect queries to a proxy DNS server and perform
GSLB on the response, do the following:
• Configure a real server with the IP address of the proxy DNS server.
• Configure a virtual server with the IP address of the authoritative DNS server, which you want to intercept.
• Specify the domain and host application for which you want to intercept queries.
• Configure an IP policy to enable the ServerIron ADX to examine incoming DNS packets.
• Enable port dns proxy on the real server corresponding to the proxy server.
NOTE
A ServerIron ADX intercepts queries only for domain names configured on the ServerIron ADX. For
domain names that are not configured on a ServerIron ADX, the ServerIron ADX still sends queries
to the authoritative DNS server.
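An added audit sketch (not Brocade's code and not part of the original guide): it scans a ServerIron ADX CLI transcript or saved configuration for the steps listed above and reports which are missing, which zones are intercepted, and which proxy DNS server receives the redirected queries. The sample input is constructed; the form of the virtual-server line, the address 192.0.2.53, and the zone and host values are assumptions.

```python
import re

# Constructed sample in CLI-transcript form. The virtual-server line is an assumed form
# (the guide names only its "intercept" parameter); 192.0.2.53, zone and host are made up.
SAMPLE = """\
ServerIronADX(config)# server remote-name dns-redirect 209.200.22.100
ServerIronADX(config-rs-dns-redirect)# source-nat
ServerIronADX(config-rs-dns-redirect)# port dns proxy
ServerIronADX(config-rs-dns-redirect)# exit
ServerIronADX(config)# server virtual-name-or-ip dns-intercept 192.0.2.53 intercept
ServerIronADX(config-vs-dns-intercept)# bind dns dns-redirect dns
ServerIronADX(config)# gslb dns zone-name example.com
ServerIronADX(config-gslb-dns-example.com)# host-info www http
ServerIronADX(config)# ip policy 1 cache udp dns global
"""
PROMPT = re.compile(r"^\S+\([^)]*\)#\s*")  # strips "ServerIronADX(config...)# "

def audit(text):
    """Return (missing_steps, intercepted_zones, {proxy_server_name: ip})."""
    reals, proxies, bound, zones, seen = {}, set(), set(), [], set()
    current = None  # real server whose sub-commands are being read
    for raw in text.splitlines():
        line = PROMPT.sub("", raw.strip())
        w = line.split()
        if w[:2] == ["server", "remote-name"] and len(w) == 4:
            current, reals[w[2]] = w[2], w[3]
        elif w[:1] == ["server"]:
            current = None
            if len(w) > 2 and w[1].startswith("virtual") and w[-1] == "intercept":
                seen.add("intercept")
        elif w == ["port", "dns", "proxy"] and current:
            proxies.add(current)
        elif w[:2] == ["bind", "dns"] and len(w) == 4:
            bound.add(w[2])
        elif w[:3] == ["gslb", "dns", "zone-name"] and len(w) == 4:
            zones.append(w[3])
        elif w[:1] == ["host-info"] and zones:
            seen.add("host-info")
        elif re.fullmatch(r"ip policy \d+ cache udp dns global", line):
            seen.add("ip policy")
    targets = {n: reals[n] for n in sorted(bound & proxies) if n in reals}
    checks = [("real server with 'port dns proxy' bound by 'bind dns'", bool(targets)),
              ("virtual server with 'intercept'", "intercept" in seen),
              ("'gslb dns zone-name' with 'host-info'", "host-info" in seen),
              ("'ip policy <index> cache udp dns global'", "ip policy" in seen)]
    return [name for name, ok in checks if not ok], zones, targets

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Run against a device's saved configuration, an empty first element means every step is present, and the other two show which zones are being transparently redirected and to which server.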
To configure the ServerIron ADX to redirect queries to another DNS server and apply GSLB on the
response, enter commands such as the following:
ServerIronADX(config)# source-ip 209.157.23.100 255.255.255.0 0.0.0.0
ServerIronADX(config)# server remote-name dns-redirect 209.200.22.100
ServerIronADX(config-rs-dns-redirect)# source-nat
ServerIronADX(config-rs-dns-redirect)# port dns proxy
ServerIronADX(config-rs-dns-redirect)# exit