Brocade Communications Systems 12.4.00 manual Private VIPs for Gslb, Syntax dns override

1 Private VIPs for GSLB

ServerIronADX(config)# gslb dns zone brocade.com ServerIronADX(config-gslb-dns-brocade.com)# host-info www http ServerIronADX(config-gslb-dns-brocade.com)# host-info www ip-list 209.157.23.59

When the ServerIron ADX receives a reply from the client’s DNS server for brocade.com, the ServerIron ADX replaces the IP address in the reply with 209.157.23.59, the IP address of a proxy server.

DNS override allows the ServerIron ADX to replace the IP address in the DNS reply with the IP address you configure for the proxy server.

The following commands enable DNS override on the ServerIron ADX.

ServerIronADX(config-vs-dns-proxy)# exit

ServerIronADX(config)# gslb policy

ServerIronADX(config-gslb-policy)# dns override

Syntax: dns override

You must enable DNS override for the ServerIron ADX to replace the address. Otherwise, the ServerIron ADX still uses the GSLB policy to select a “best” site but does not replace the IP address with the proxy server’s address. The gslb policy command changes the CLI to the GSLB policy configuration level.

Private VIPs for GSLB

ServerIron ADX supports private Virtual IP (VIP) configurations for GSLB. GSLB support for private VIPs enables a site ServerIron ADX to communicate public VIP addresses to a GSLB ServerIron ADX, and, in effect, the GSLB ServerIron ADX to recognize these IP addresses in the DNS reply, as VIPs on the site ServerIron ADX. This is accomplished by statically mapping the private and public IP address for a VIP on the site ServerIron ADX.

Note that each time the mapping between the private IP address of the VIP and the public IP address changes, you need to reconfigure the new public IP address for the VIP on the ServerIron ADX, as well. Also, the GSLB IP addresses apply only to the GSLB feature. GSLB IP addresses do not affect any other feature nor are they used by any other feature.

For example, as illustrated in Figure 3, suppose 192.168.10.1 is the private IP address of the VIP on ServerIron ADX B, and it is mapped to 207.95.55.23 by the firewall. On ServerIron ADX B, you would statically map the GSLB public IP address of 207.95.55.23 for the private VIP 192.168.10.1. You would also specify whether this public IP address is for use only by the peer GSLB ServerIron ADX A, or if it will be used by both the peer GSLB ServerIron ADX A and ServerIron ADX B, if a local GSLB site is present.

After statically mapping the public IP address, ServerIron ADX B will then communicate the public VIP address, 207.95.55.23 to the peer GSLB ServerIron ADX A. If GSLB ServerIron ADX A is providing global SLB for the domain www.foo.com, where one of the IP addresses corresponding to this domain is 207.95.55.23, then GSLB ServerIron ADX A will correctly interpret this IP address as a VIP on the site ServerIron ADX B.