Topic: GSLB and DNS (Read 9316 times)

ZManGT · « **on:** August 19, 2008, 10:03:56 AM »

I'm trying to wrap my head around the whole Global Site Load Balancing and I must admit I'm falling a little short on how to set up the DNS records and what the best practice is. I'm hoping that someone here can help explain it again so I can better understand.

It was explained to me there are three methods to setup GSLB DNS

1. The NetScaler controls all DNS records for the domain
-We do not wish to do this because we already have DNS servers

2. The NetScaler would load balance the DNS servers for the domain but it would be Authoritative for the GSLB domain
-This sounds promising and I believe all it's staying is we create a LB VServer that load balances port 53 to our DNS servers and for the new GSLB domain we make a NetScaler GSLB ip (Correct) the DNS Authority.

3. Final option is to create a second subdomain and put it on your existing DNS servers but have the record be an alias record that points to the NetScaler and the NetScaler then hosts the actual record

- I was told this was the recommended way but I don't really understand it.

Can someone give me more detail on how it is setup? Also as a side note is there a limit to the number of GSLB sites a NetScaler can host? If I have 10 different websites that I want to be load balanced globally can I make them all separate GSLB sites?

jmelika · « **Reply #1 on:** August 19, 2008, 11:16:50 AM »

ZManGT,

There are two interesting articles I came across on AppExpert. They might be specific instructions on setting up GSLB, but they are good overview of the process.

http://community.citrix.com/display/ns/How+GSLB+Works
http://community.citrix.com/display/ns/How+DNS+Works

You need AppExpert account to view them. Let me know if you need me to copy them here.

I hope they help.
JM

ZManGT · « **Reply #2 on:** August 20, 2008, 04:38:25 AM »

I've seen those articles but those are at a pretty high level. I was kind of hoping to find someone here that has set it up before that can give me advice on which method they went with and why.

evildani · « **Reply #3 on:** August 20, 2008, 08:49:36 AM »

A couple of weeks ago I was working on that very same issue, here is a guide I developed for that scenario.

It is a local site with two ISP links, and GSLB is used to load balance the links. But it can be applied to any scenario.

Paul B · « **Reply #4 on:** August 21, 2008, 02:14:25 AM »

Not sure about limits on GSLB veservers, but I am aware there is a limit of 32 Records maximum for ADNS.

Paul

Paul B · « **Reply #5 on:** August 21, 2008, 02:34:27 AM »

Quote from: ZManGT on August 19, 2008, 10:03:56 AM

3. Final option is to create a second subdomain and put it on your existing DNS servers but have the record be an alias record that points to the NetScaler and the NetScaler then hosts the actual record

- I was told this was the recommended way but I don't really understand it.

I may get some details wrong, but I'm sure I'll be corrected if I do:

There are 2 halves to setting this up: (a) your existing DNS server(s); (b) the netscaler DNS. (of course, you may want to set up your netscaler to load-balance your existing DNS!)

As I understand it, you would have your existing DNS resolving for "mysite.com", and you make the Netscaler authoritive for a subdomain like "gslb.mysite.com".

On the netscaler, just "follow the instructions" to set up ADNS, for the "gslb.mysite.com" domain.

On your existing DNS server, you need to tell the DNS to go to the netscaler for any references to "gslb.mysite.com": in windows, higlight the parent zone, right click and select "New delegation": tell it the subdomain name ("gslb"), and the name / IP of the DNS (ie list all of the Netscalers' ADNS IP's on the various netscalers).

What should now happen is that any reference to members of "gslb.mysite.com" first go your main DNS (which hosts "mysite.com"), then you get redirected to the netscaler ADNS to get the actual DNS info.... and that is all handled by the GSLB setup!

That any help?

Paul

ZManGT · « **Reply #6 on:** August 21, 2008, 04:39:18 AM »

Evil - Thanks for your document that helps be understand the setup a little more.

Paul - Thanks for your information on the DNS setup. That clears it up alot. One follow-up question though do the NetScalers need an external IP for DNS then or would the request for gslb.mysite.com be proxied back through the mysite.com dns servers?

Once I'm done I'll try to setup a document / web page with screen shots and explanation of the setup to help others out.

evildani · « **Reply #7 on:** August 21, 2008, 01:31:08 PM »

The scenario I used on the doc is like this:
Two ISPs, both come into the network to a DMZ that has a private address range. And both ISPs do NAT to the DMZ, so on the GSLB service I set up the public IP for each ISP. And on the internal service DNS it answers the queries via each link.
In this case the netscaler has no control over the public IP (both) so I justed tell it the public IP in the service and he will resolve it.

Hope it makes it more clear.

Daniel

Paul B · « **Reply #8 on:** August 22, 2008, 03:39:26 AM »

Quote from: ZManGT on August 21, 2008, 04:39:18 AM

do the NetScalers need an external IP for DNS then or would the request for gslb.mysite.com be proxied back through the mysite.com dns servers?

From what I understand, when you delegate the DNS, it's the same relationship as between the root DNS servers and your "mysite.com" DNS.... the root tells the Local (= client's ISP) DNS to go to the other server. So it's more of a "redirect" than a "proxy"... so YES, the Netscaler WILL need to be publicly visible.

(Unless someone wants to correct me, that is ..... :-) )

Paul

evildani · « **Reply #9 on:** August 22, 2008, 06:55:17 AM »

It can be both, but that is configured at the root DNS, the root can answer with a proxy answer or a zone transfer (dont know if the terminology is accurate). The difference is how ask the query to the NS, if the root is a proxy then the root, if it is a tranfer then the client ask himself the qurery to the NS.
It all depends on the deployment topology. Since the DNS query can be answered with almost anything it all comes down to the configuration of the GSLB and the DNS on the netscaler.
I am feeling I am not aswering your question though. Can you elaborate a little more.

Daniel

Paul B · « **Reply #10 on:** August 26, 2008, 02:41:49 AM »

Quote from: evildani on August 22, 2008, 06:55:17 AM

..... or a zone transfer (dont know if the terminology is accurate)

A Zone Transfer is specifically when a pair of DNS servers exchange zone information, eg from a primary to a secondary server, so that the secondary then has an up-to-date copy of the DNS zone database.

(a "zone" is typically a domain / sub-domain name, like "mysite.com" or "support.mysite.com", which then contains various records.)

paul

r00t9 · « **Reply #11 on:** October 03, 2011, 12:53:00 PM »

Quote from: evildani on August 20, 2008, 08:49:36 AM

A couple of weeks ago I was working on that very same issue, here is a guide I developed for that scenario.

It is a local site with two ISP links, and GSLB is used to load balance the links. But it can be applied to any scenario.

Can anyone upload the scenario again, the link is broken now

evildani · « **Reply #12 on:** October 05, 2011, 01:23:13 AM »

Here you can find it:
https://docs.google.com/document/d/1QMVLRP9yBJiAzGE27YVQKmPs7YskfrKf_2Jn-x2Tp5c/edit?hl=es

Netscaler Knowledgebase

News:

Author Topic: GSLB and DNS (Read 9316 times)

ZManGT

GSLB and DNS

jmelika

Re: GSLB and DNS

ZManGT

Re: GSLB and DNS

evildani

Re: GSLB and DNS

Paul B

Re: GSLB and DNS

Paul B

Re: GSLB and DNS

ZManGT

Re: GSLB and DNS

evildani

Re: GSLB and DNS

Paul B

Re: GSLB and DNS

evildani

Re: GSLB and DNS

Paul B

Re: GSLB and DNS

r00t9

Re: GSLB and DNS

evildani

Re: GSLB and DNS