Proxy for DNS server | 1 |
Proxy for DNS server
NOTE
The following scenario is for switch software. If you are using router software, then all you need is an interface IP on the ServerIron ADX that can reach the DNS server.
To configure the GSLB ServerIron ADX as a proxy for a DNS server, complete the following steps.
1.If the GSLB ServerIron ADX and site ServerIron ADXs are in different subnets, add a source IP address. In this case, the source IP address is required so that the GSLB ServerIron ADX perform the health checks on the IP addresses the GSLB ServerIron ADX learns from the DNS server for which it is the proxy. The source IP address must be in the same subnet as the GSLB ServerIron ADX’s management IP address.
NOTE
You can specify as many DNS servers as the GSLB ServerIron ADX’s system memory allows. However, the ServerIron ADX sends periodic DNS queries to only the first four DNS servers you configure with the DNS proxy.
If you configure the ServerIron ADX as a proxy for multiple DNS servers, make sure they have identical content for the zones that you configure the GSLB ServerIron ADX to provide GSLB services for.
2.Add a real server for the DNS server.
3.Add a virtual server for the DNS server and bind the real DNS server and virtual server together.
Adding a source IP address
To enable the GSLB ServerIron ADX to perform health checks on remote sites that are in a subnet other than the GSLB ServerIron ADX’s subnet, you must add a source IP address to the GSLB ServerIron ADX. The source IP address must be in the same subnet as the GSLB ServerIron ADX’s management IP address.
NOTE
If the DNS server for which the GSLB ServerIron ADX is a proxy is in a different subnet than the GSLB ServerIron ADX’s management IP address, you can use the same source IP address that you add for the site ServerIron ADXs. However, you also need to enable the Source NAT feature for the DNS real server.
The source IP address and source NAT feature allow the ServerIron ADX to send a Layer 4 or Layer 7 health check to the remote site and receive the response. Notice that the source IP address added to the ServerIron ADX is not in the subnet of the remote ServerIron ADX. Instead, the source IP address is in the subnet that connects the ServerIron ADX’s local router to the Internet. The purpose of the source IP address in this configuration is to ensure that the responses from remote sites come back to the ServerIron ADX. The health check packets use the address you configure as their source IP address. Without the source IP address in the ServerIron ADX’s subnet and the source feature, the responses to the health checks sent to remote sites in different subnets cannot reach the ServerIron ADX.
ServerIron ADX Global Server Load Balancing Guide | 17 |
|
