18 ServerIron ADX Global Server Load Balancing Guide
53-1002437-01
Proxy for DNS server
1
For example, the GSLB ServerIron ADX shown in Figure 1 on page 4 needs a source IP address in
the subnet 209.157.23.x. Without this source IP address, Layer 4 and Layer 7 health checks to the
ServerIron ADXs at the Sunnyvale site (209.157.22.x) and the Atlanta site (192.108.22.x) cannot
reach the GSLB ServerIron ADX.
To add a source IP address, enter a command such as the following:
ServerIronADX(config)# server source-ip 209.157.23.225 255.255.255.0 0.0.0.0
Syntax: [no] server source-ip <ip-addr> <ip-mask> <default-gateway>
The <ip-addr> parameter specifies the IP address. Specify an address that is in the same subnet
as the GSLB ServerIron ADX’s management IP address. Do not specify an address that is already in
use.
The <ip-mask> parameter specifies the network mask.
The <default-gateway> parameter specifies the default gateway. This parameter is required, but if
you do not want to specify a gateway, enter “0.0.0.0”.
Configuring real server and virtual server for the DNS serverNOTE
The virtual server IP address (VIP) will be the Authoritative DNS server for the GSLB Domain.
To configure a real server and virtual server and bind them together for a proxy DNS server, enter
commands such as the following:
ServerIronADX(config)# server real-name dns_ns 209.157.23.46
ServerIronADX(config-rs-dns_ns)# port dns proxy
ServerIronADX(config-rs-dns_ns)# exit
ServerIronADX(config)# server virtual-name-or-ip dns-proxy 209.157.23.87
ServerIronADX(config-vs-dns-proxy)# port dns
ServerIronADX(config-vs-dns-proxy)# bind dns dns_ns dns
The commands in this example add a real server called “dns_ns”. The DNS server has IP address
209.157.23.46. When you add the real server, the CLI changes to the Real Server configuration
level. At this level, you can add TCP or UDP ports and, optionally, modify health check parameters.
In this example, the DNS port is added. Notice that the proxy option is specified following the dns
option. The proxy option is required to indicate that this real server is part of a proxy DNS server
configuration.
If the DNS server is in a different subnet than the GSLB ServerIron ADX, you must configure a
source IP address on the ServerIron ADX for use by the health checks. If the GSLB ServerIron ADX is
in a one-armed configuration or the DNS server is at least one hop away, you must configure a
source IP address and also enable source NAT. (You do not need to add another source IP address
if you have already added one for the remote sites. The GSLB ServerIron ADX can use the same
source IP address for reaching the remote sites and for reaching the DNS server.)
ServerIronADX(config)# server real-name dns_ns 209.157.23.46
ServerIronADX(config-rs-dns_ns)# port dns proxy
ServerIronADX(config-rs-dns_ns)# exit
The server virtual-name-or-ip command adds a virtual server called “dns-proxy”. This command
changes the CLI to the Virtual Server configuration level. At this level, the port dns command adds
the DNS port to the virtual server. The bind command binds the DNS port on the real server to the
DNS port on the virtual server.