Brocade Communications Systems 12.4.00 Proxy for DNS server

ServerIron ADX Global Server Load Balancing Guide 17

53-1002437-01

Proxy for DNS server 1

Proxy for DNS server

NOTE

The following scenario is for switch software. If you are using router software, then all you need is an

interface IP on the ServerIron ADX that can reach the DNS server.

To configure the GSLB ServerIron ADX as a proxy for a DNS server, complete the following steps.

1. If the GSLB ServerIron ADX and site ServerIron ADXs are in different subnets, add a source IP

address. In this case, the source IP address is required so that the GSLB ServerIron ADX

perform the health checks on the IP addresses the GSLB ServerIron ADX learns from the DNS

server for which it is the proxy. The source IP address must be in the same subnet as the GSLB

ServerIron ADX’s management IP address.

NOTE

You can specify as many DNS servers as the GSLB ServerIron ADX’s system memory allows.

However, the ServerIron ADX sends periodic DNS queries to only the first four DNS servers you

configure with the DNS proxy. 



If you configure the ServerIron ADX as a proxy for multiple DNS servers, make sure they have

identical content for the zones that you configure the GSLB ServerIron ADX to provide GSLB

services for.

2. Add a real server for the DNS server.

3. Add a virtual server for the DNS server and bind the real DNS server and virtual server

together.

To enable the GSLB ServerIron ADX to perform health checks on remote sites that are in a subnet

other than the GSLB ServerIron ADX’s subnet, you must add a source IP address to the GSLB

ServerIron ADX. The source IP address must be in the same subnet as the GSLB ServerIron ADX’s

management IP address.

NOTE

If the DNS server for which the GSLB ServerIron ADX is a proxy is in a different subnet than the GSLB

ServerIron ADX’s management IP address, you can use the same source IP address that you add for

the site ServerIron ADXs. However, you also need to enable the Source NAT feature for the DNS real

server.

The source IP address and source NAT feature allow the ServerIron ADX to send a Layer 4 or Layer

7 health check to the remote site and receive the response. Notice that the source IP address

added to the ServerIron ADX is not in the subnet of the remote ServerIron ADX. Instead, the source

IP address is in the subnet that connects the ServerIron ADX’s local router to the Internet. The

purpose of the source IP address in this configuration is to ensure that the responses from remote

sites come back to the ServerIron ADX. The health check packets use the address you configure as

their source IP address. Without the source IP address in the ServerIron ADX’s subnet and the

source feature, the responses to the health checks sent to remote sites in different subnets cannot

reach the ServerIron ADX.