Responding to queries directly – Brocade Communications Systems ServerIron ADX 12.4.00 User Manual
Page 112
100
ServerIron ADX Global Server Load Balancing Guide
53-1002437-01
Transparent DNS query intercept
1
ServerIronADX(config)# server virtual-name-or-ip dns-intercept 209.157.23.130
intercept
ServerIronADX(config-vs-dns-intercept)# port dns
ServerIronADX(config-vs-dns-intercept)# bind dns dns-redirect dns
ServerIronADX(config-vs-dns-intercept)# exit
ServerIronADX(config)# gslb dns zone brocade.com
ServerIronADX(config-gslb-dns-brocade.com)# host-info www http
ServerIronADX(config-gslb-dns-brocade.com)# exit
The commands are the same as the ones for configuring the ServerIron ADX to redirect queries
directly to another DNS server, with one difference. The command that enables the DNS port on
the real server (the other ServerIron ADX) uses the proxy parameter. This parameter indicates that
the ServerIron ADX needs to perform GSLB on the response before sending the response back to
the client.
Responding to queries directly
To configure transparent DNS query intercept to directly respond to queries using IP addresses
configured on the ServerIron ADX, do the following:
•
Configure a virtual server with the IP address of the authoritative DNS server that you want to
intercept.
•
Specify the domain name and host application for which you want to intercept queries.
•
Enable the DNS transparent intercept feature.
•
Configure an IP policy to examine incoming DNS packets.
•
Enable dns transparent-intercept in the GSLB policy.
NOTE
In the direct-response mode, the ServerIron ADX uses GSLB to pick the best address by default. No
additional configuration is needed to further enable GSLB.
NOTE
The ServerIron ADX intercepts queries only for domain names configured on the ServerIron ADX. For
domain names that are not configured on the ServerIron ADX, the ServerIron ADX still sends queries
to the authoritative DNS server.
To configure the ServerIron ADX to respond to queries using a set of IP addresses configured on the
ServerIron ADX itself, enter commands such as the following:
ServerIronADX(config)# server virtual-name-or-ip dns-intercept 209.157.23.130
intercept
ServerIronADX(config-vs-dns-intercept)# port dns
ServerIronADX(config-vs-dns-intercept)# gslb dns zone brocade.com
ServerIronADX(config-gslb-dns-brocade.com)# host-info www http
ServerIronADX(config-gslb-dns-brocade.com)# host-info www ip-list 209.200.1.1
209.200.1.2 209.200.1.3 209.200.1.4 209.200.1.5
ServerIronADX(config-gslb-dns-brocade.com)# exit
ServerIronADX(config)# gslb policy
ServerIronADX(config-gslb-policy)# dns transparent-intercept
These commands configure a virtual server for the authoritative DNS server IP address, specify the
zone and host names for which to intercept queries, and specify the IP addresses to use in
responses to the queries. The commands also enable the DNS transparent intercept feature and
enable the ServerIron ADX to examine incoming DNS packets.