Found the follwing traffic flow in one of your responses to a qurey for integrating DNS with GSS.
Typical flow is as follows
1. Client will hit their DNS servers (configured on their machines as primary/backup dns server).
2. "Client's DNS server" will query "DNS server authoritative for abc.com" for www.abc.com.
4. "Client's DNS server" will query GSS for www.abc.com.
5. GSS will send the ip add of www.abc.com (which should be configured on ACE as VIP).
6. "Client's DNS server" will handover this VIP to client
7. Client will hit the VIP configured on ACE (for application www.abc.com).
Syed iftekhar Ahmed
My doubt is about steps 3 and 4.
In our scenario, we had done delegation of a subdomin to the GSS. Hence the DNS has two NS entries for the same subdomain.
and when a reuest comes from the Client to the DNS, the DNS does not reply back with the GSS ip address. IT inturn does a recursive lookup with the GSS, The GSSS returns the IP of the server to the DNS which inturn forwrds to the client. hence the client never sees the GSS.
WE had done a staggibg activity to test the effectiveness of this, and it was working fine.
Do you see any drawbacks in this recursive mode of operation when compared to your iterative mode.