Brocade Communications Systems 12.4.00 guide

1 GSLB error handling for unsupported DNS requests

192	ServerIron ADX Global Server Load Balancing Guide
	53-1002437-01

Image 204

Brocade Communications Systems 12.4.00 manual Gslb error handling for unsupported DNS requests

Contents

ServerIron ADX Brocade Communications Systems, Incorporated Contents ServerIron ADX Global Server Load Balancing Guide Page Gslb for IPv6 feature support Global server load balancing for IPv6 overviewGslb for IPv6 example IPv4 IPv6Page Audience Supported hardware and softwareDocument conventions Text formatting Bold text Getting technical help or reporting errors Web accessMail and telephone access Related publicationsPage Global Server Load Balancing Global Server Load Balancing overview Basic concepts Global Server Load Balancing overview Global Server Load Balancing configuration Gslb example DNS Gslb policy Weighted IP metric Server health Weighted site metric Site ServerIron ADX’s session capacity thresholdActive bindings metric Geographic location of the server Site ServerIron ADX’s connection load Site ServerIron ADX’s available session capacity toleranceSite ServerIron ADX’s FlashBack speed Site ServerIron ADX’s administrative preference Least response selectionRound robin selection 128 Minimum required configuration Basic controller and site communication Syntax show gslb policy Configuring Gslb Configuring GslbPage Proxy for DNS server Adding a source IP addressProxy for DNS server Syntax no server source-ipip-addr ip-mask default-gateway Configuring a site Enabling the Gslb protocolSyntax no gslb protocol Specifying site locations Syntax no gslb site name Configuring a zone Specifying Gslb controller locationsSyntax no gslb dns zone-name name Applying Gslb to Cname records Syntax no dns cname-detect Configuring Http health check parameters Cname status is shown in bold type Configuring DNS domain name aliases Configuring null host names Configuration exampleSyntax host-info host-namealias alias-name Private VIPs for Gslb Syntax dns override Configuring a public IP address for a VIP Private VIPs for Gslb Private VIP display information Displaying Gslb IP informationShow gslb dns detail the following is an example Configuring Gslb protocol parameters Changing the protocol port numberSyntax show server virtual-name-or-ip Syntax show gslb site Changing the Gslb protocol update period Modifying Gslb parameters related to DNS responsesSyntax no protocol status-interval num You can modify the following DNS-related Gslb parameters Removing IP addresses for sites that fail a health check Syntax no dns best-only Changing the query interval Syntax no dns check-interval numChanging the TTL for DNS records Syntax no dns ttl num Syntax no dns ttl Enabling DNS override Syntax no dns override Changing the Gslb policy metrics Configuring Gslb protocol parameters Gslb policy metrics Metric Default Configuration options Connection load Changing the order of Gslb policy metrics Syntax no metric-order set list Syntax metric-order default Disabling or re-enabling individual Gslb policy metrics Clearing DNS selection counters Syntax clear gslb dns zone-name name Implementing the weighted IP metric DNS response processing Configuring weighted IP metrics Syntax no weighted-ip Syntax no gslb dns zone nameSyntax host-info www ip-weight IP address weight For name, enter up to 32 characters Implementing the weighted site metric Syntax show gslb dns zone San Jose 50% New York 30% London 20% Total 100 100% Traffic distribution specifications Configuring weighted site metricsSyntax no weighted-site Syntax gslb site site name Syntax weight weight First example shows the first two sites Syntax show gslb traffic site Implementing the active bindings metric Site Three Enabling active bindings Configuring weighted active bindings Gslb active bindings enhancements Configuring connection load parameters Specifying the site connection limit Syntax no connection-load limit average-load Changing the sampling intervals and sample rate Changing the sample interval weight Syntax no connection-load weights weight1 weight2...weight8 Changing the FlashBack tolerance values Syntax no capacity threshold numSyntax no num-session tolerance num Syntax no flashback application tcp tolerance num Modifying round-trip time values Changing the RTT cache interval Syntax no round-trip-time cache-interval num Changing the RTT cache prefixSyntax no round-trip-time cache-prefix num Changing the RTT tolerance Syntax no round-trip-time explore-percentage num Adding static prefix cache entries Enabling default geographic location Secure GslbPage Gslb message content randomization Configuring secure GslbRSA challenge dialogue Secure Gslb Configuring secure-communication on the controller Generating RSA key pair Exchanging public keys Bob sends back his public key Selecting a peer public key management option C.D Regenerating the session keys Manually regenerating the session keysDynamically regenerating the session keys Syntax clear gslb session-keys Site persistence in Gslb using stickiness Minimum Gslb configuration Algorithm Site persistence in Gslb using stickiness Enabling sticky Gslb Configuring the sticky Gslb session life time Allowing sticky sessions for a specific prefix lengthSyntax no sticky Syntax no sticky age value Displaying current sticky Gslb sessions Syntax show session all offset Sticky Gslb counters Syntax show gslb dns detail Site persistence in Gslb using hashing Deleting sticky Gslb session for a specific clientDeleting all sticky Gslb sessions Enabling hash-based Gslb persistence Hashing scheme Syntax show gslb phash table IP address allocation IP address failure or removal from domainRehash new IP address for a domain or change of state Rank Disabling rehash Syntax hash-persist persist-rehash-disable time-out Manually forcing rehash for a domainSyntax hash-persist hold-down time Show commands Weighted distribution of sites with hash-based persistence Weighted distribution of sites with hash-based persistenceSyntax show gslb phash table zone-name name host-name name This section contains the following subsections Gslb weighted hash-based persistence Gslb hash-based persistenceHashing scheme IP address allocation IP address failure or removal from domain Rehash change in hash weight Disabling rehash on change in hash weight configuration Enabling weighted hash-based Gslb persistence Syntax no hash-persist weightedSyntax no prefix-len-hash-persist length Configuring weights for domain IP addresses Disable rehash when weight for an IP is changedSyntax host-info host-nameip-hash-weight IPaddress weight Hash persist hold down timer Syntax no hash-persist disable-weight-rehash Show commands Manually forcing rehash for a domainClear Gslb phash counters Syntax show gslb policy host-policy-name policy-name Displaying the contents of active RTT cache entries Affinity Affinity Defining the affinity Syntax gslb affinity Displaying RTT prefix cache entries Syntax show gslb cache ip-addr Gslb domain-level affinity Displaying affinity selection countersOverview of Gslb domain-level affinity Syntax show gslb dns detail name Command line interface Configuring an affinity for prefix 0.0.0.0/0Creating a domain-level affinity group Associating the domain-level group with a domain Show gslb affinity-group group-number Syntax show gslb affinity-group group-numberShow gslb resources Syntax show gslb resources DNS cache proxy DNS cache proxyShow gslb dns detail Syntax show gslb dns detail zone-name To enable DNS cache proxy, enter the following commands Enabling DNS cache proxyDisplaying DNS cache proxy state Syntax no dns cache-proxy DNS cache proxy Disable the default Displaying DNS cache proxy statisticsSyntax show gslb global-stat Combining the DNS cache proxy and DNS override features Gslb DNS type any query Transparent DNS query intercept Transparent DNS query intercept configuration Redirecting queries Transparent DNS query intercept Syntax no server remote-name name ip-addr Syntax no source-natSyntax no port dns Syntax no server virtual-name-or-ip name ip-addrintercept Redirecting queries and perform Gslb Syntax no bind dns real-server-namednsSyntax ip policy index cache udp dns global Responding to queries directly Displaying transparent DNS query intercept statistics Syntax dns transparent-intercept Enabling DNS request logging Syntax no gslb log-dnsEach message shows the following information Support for the RTT metric Enabling DNS request logging Gslb request information Distributed health checks for Gslb BP support as Gslb agentEnabling DNS request logging Syntax no si-name name ip-addrno-si-dist-health-check ADX Configuring the health status reporting interval Syntax no si-name name ip-addrenable-si-dist-health-checkDisabling or re-enabling distributed health check Syntax no no-distributed-health-check Configuring the agent health report interval Debugging the distributed health checkSyntax no health-status-interval secs Syntax no agent-health-report-interval secs Impact of distributed health checks on the Flashback metric Configuration examples TopologyExample Example Example Dnssec Example with Authentication Chain Steps involved in a Dnssec resolution are Dnssec Dnssec Gslb in DNS proxy mode Verification with DIG Configuring Dnssec for Gslb Cache proxy modeConfiguring a zone for Dnssec Configuring a backend Adns server as Dnnsec capable Displaying Dnssec configuration Displaying Dnssec statisticsSyntax no port dns use-dnssec-servers-for-dns-queries Syntax no server use-dnssec-servers-for-dns-queries Configuring host-level policies Host-level policies for site selectionGlobal vs host-level policy Host-level policies for site selection Configuring the parameters for the host-level policy Defining a name for a host-level Gslb policy Syntax no dns active-only Removing all IP addresses except the best address To re-enable this metric, enter the following command Disabling or re-enabling the Flashback metricSyntax no flashback Modifying Flashback tolerance Enabling the Geographic metric Syntax no geographicEnabling the Health Check metric Syntax no health-check Resetting the order of the metrics Configuring the Num-session Tolerance Enabling the Num-session metricSyntax no num-session Enabling the Preference metric Syntax no weighted-ip Enabling the weighted site metricSyntax no round-robin Enabling the Round-Trip-Time metric Syntax no round-trip-time Changing the RTT tolerance Syntax no weighted-site Displaying host-level policy informationApplying a host-level policy to a Gslb host Displaying a host-level policy Displaying all Gslb policies Syntax show gslb policy host-policy-all Displaying the policy used for hosts Displaying the number of host-level policiesSyntax show gslb dns zone I detail Configuration example Deleting Gslb host-level policiesDeleting a policy that is not applied to a host Syntax clear gslb host-policy policy-name Geographic region for a prefix How geographic location is determined Configuring a geographic prefix For IPv4For IPv6 Displaying the number of geographic prefixes Displaying information about geographic prefixGeographic region for a prefix Syntax show gslb cache IP address prefix Example configuration Syntax show gslb cache all geographic user-configured Smoothing mechanism for RTT measurements Smoothing mechanism for RTT measurements90% of 20ms + 10% of 40ms = 22ms 90% of 22ms + 10% of 1 sec = 119ms 134 Enabling enhanced RTT smoothing Syntax gslb enhanced-rtt-smoothing Configuring the parameters Disabling enhanced RTT smoothing Specifying the ramp-up-factor Syntax no ramp-up-factor valueSpecifying the ramp-down factor Syntax no ramp-down-factor value Syntax enable-sim-new-rtt-smooth Syntax disable-sim-new-rtt-smoothState gets cleared. You can command in the simulation Syntax rtt-val value Smoothing mechanism for RTT measurements Smoothing mechanism for RTT measurements Determining if the new RTT smoothing mechanism is enabled Round-trip timesPassive RTT gathering Round-trip times Active RTT gathering Passive RTT gathering Support for both active and passive RTT Active RTT gathering Active RTT gathering issues and trade-offs Enabling active RTT Syntax no gslb disable-rtt-gathering Discarding passive RTTDisabling passive RTT gathering Syntax no gslb active-rtt-gathering Configuring active RTT parameters Configuring active RTT query message intervalConfiguring the cache interval for active RTT prefix Specifying how often to report the active RTT Configuring the active RTT refresh interval Setting the RTT algorithm modesSyntax no gslb agent-rtt-refresh-interval value Using only passive RTT Syntax gslb dns-probe enable-fallback Syntax gslb dns-probe disable-fallbackProbes for RTT gathering Accepting DNS RTT measurements Aging out prefixes when Icmp probe fails Aging out prefixes when DNS probe failsEnabling the DNS prober Sending DNS probes on a different port Active RTT gathering and high availability support Displaying RTT information Displaying the RTT gathering mechanism Displaying the active RTT gathering configuration Syntax show gslb active-rtt-info Displaying the RTT information of a client IP address Round-trip times Show Gslb active RTT informationSyntax show gslb cache ip-address This field Displays Displaying the RTT algorithm mode For example, enter a command such as the following Configuring an HA group Gslb affinity for high availabilityGslb affinity for high availability Enabling dynamic detection Displaying HA information Displaying all HA groupsDisplaying the HA peer for a site Syntax no gslb dynamic-peer-detect Displaying the dynamically detected HA pairs View the configured HA group using the following command Gslb affinity for HA This command requires a reload to take effect Gslb optimizationOptimized VIP list processing Syntax no gslb process-vip-list-optimize Syntax no si ip-addressoptimized-dist-hcheck Syntax no gslb send-vip-list-optimizeSyntax no gslb dont-send-active-bindings On the site ServerIron ADX, configure the following commands Gslb optimization Guidelines and recommendations for using this feature Displaying Gslb informationDisplaying site information Displaying Gslb information Syntax show gslb site name Name parameter specifies a site name Site Displaying real server information Displaying Gslb information Global SLB site information Syntax rshow remote-ip-addrserver real virtual session bind Displaying DNS zone and hosts Syntax show gslb dns zone name Zone Displaying detailed DNS information Host a Flashback Displaying metric information Displaying the default Gslb policy Syntax show gslb default Displaying Gslb information Gslb policy information DNS TTL Displaying the user-configured Gslb policy ServerIronADXconfig# show gslb cache Static prefix cache entries on This command shows the following information Gslb resources Displaying Gslb resources Displaying dynamic server information Displaying Gslb information Gslb resourcesPort binding information The TCP and UDP ports Session statistics Another way to list the real servers Displaying dynamic real server information Displaying virtual server informationSyntax show server dynamic real Displaying the port bindings Listing the real serversSyntax show server dynamic virtual Syntax show server dynamic bind Specifying the source IP of probes Displaying information in the prefix cacheSyntax gslb src-ip-active-rtt ip-address Syntax show gslb cache all Syntax show gslb cache all affinity Syntax show gslb cache all geographic staticSyntax show gslb cache all ip-addr Syntax show gslb cache ip-addrlonger-than prefix-length Snmp traps and syslog messages Snmp traps and syslog messagesSyntax show gslb cache ip-addrsmaller-than prefix-length Syslog messages Syntax show logging Gslb error handling for unsupported DNS requests Syntax no snmp-server enable traps trap-typeDisabling and re-enabling traps Default settings for Gslb error handling Using Gslb error handling with transparent intercept mode Error handling response format Disable or re-enabling Gslb error handlingConfiguring the return code Gslb error handling for unsupported DNS requests Viewing error handling statistics Clearing the error handling statisticsSyntax clear gslb unsupported-response-cnt Gslb error handling for unsupported DNS requests Global Server Load Balancing for IPv6 Global server load balancing for IPv6 overview Gslb for IPv6 feature support IPv6 Gslb configuration Gslb for IPv6 example Basic Gslb for IPv6 configuration On Gslb ServerIron ADX controller Configuring the Gslb controller Basic Gslb for IPv6 configurationAdding a VIP for the Adns server Enabling DNS cache proxy Configuring zones Enabling DNS override Specifying DNS override IP lists Syntax no host-info host-nameip-list ipv6-addressHost-nameparameter specifies the host name Configuring sites Site ServerIron ADX configuration Basic configuration exampleConfiguration on Gslb ServerIron ADX Gslb controller Enabling the Gslb protocol Configuration on site ServerIron ADXs Enable the Gslb protocol on each of the Site ServerIron ADXs Advanced Gslb configuration for IPv6 Gslb site persistence Configuring Gslb policy metrics for IPv6 Refer to Server host health Not supported Changing the order of Gslb for IPv6 policy metrics Refer to FlashBack speed metric Syntax no metric-order set list Resetting Gslb policy metrics Server host health metric Weighted IP metric Enabling the weighted IP metric Specifying the weight of IP addresses in the IP list Advanced Gslb configuration for IPv6For zone-name, enter up to 32 characters Weighted site metric Traffic distribution specifications DNS response processing Configuring weighted site metrics Session capacity threshold metric Active bindings metric Enabling active bindingsSyntax no active-bindings Configuring weighted active bindings Geographic location metric Configuring a geographic prefix Specifying site locationsSpecifying Gslb controller locations Available session capacity metric FlashBack speed metric Administrative preference metric Configuring administrative preference for a site Least response selection metricRound robin selection metric Sticky persistence for IPv6 Enabling sticky persistence for IPv6 Specifying sticky session prefix lengths Specifying sticky session life timesDeleting sticky sessions Syntax no sticky ipv6-prefix-length decimal Hash-based persistence for IPv6 Specifying hash-based persistence prefix lengths Weighted hash-based persistence for IPv6 Manually forcing a rehash for a domainSyntax no ipv6-prefix-len-hash-persist decimal Configuring weights for domain IP addresses Disabling rehash when weight for an IP is changed Configuring DNS response parameters Configuring an active-only policy Configuring a best-only policy Gslb of ANY queries Displaying Gslb for IPv6 configurations Show commands for basic Gslb configurationsDisplaying DNS cache proxy statistics Displaying the default Gslb policy Displaying Gslb for IPv6 configurations DNS TTL Displaying the user-configured Gslb policy Displaying information about a geographic prefix ServerIronADX VIP === Displaying DNS zone and hosts When you configured the zone information Africa X100us Counters 2001db8abc Cfg Zone-nameparameter specifies a particular Gslb zone Specifying the weight of IP addresses in the IP list on Displaying site information ServerIronADXconfig# show gslb site Administrative preference metric on Show commands for advanced features Displaying the hash tableSite-nameparameter specifies a site name Troubleshooting Gslb for IPv6 configurations Clearing Gslb phash countersDisplaying Gslb debug counters Syntax show gslb ipv6 phash active-ip allocation table Troubleshooting Gslb for IPv6 configurations Troubleshooting IPv6 lists Debug trace for GslbSyntax show gslb message IPaddress Syntax debug track feature gslb algorithm sticky generic all Troubleshooting Gslb for IPv6 configurations IPv4 IPv6IPv4 RFC DNS South America IPv6 address assignment Address Designation Lacnic