website name resolutions

Unanswered Question


We have a setup


Internet----checkpoint firewall---GSS----ACE----Servers


ACE is configured with the rserver ip address and vips.

GSS is pointing to vips ip address.


When any client try to do the nslookup to website address it resolves to

vips ip address which is private.


I need to know is there any setting i need to do on GSS or on checkpoint firewall so that i can resolve website to public ip address.


Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jsivulka Wed, 06/03/2009 - 13:29
User Badges:
  • Bronze, 100 points or more

1. The client browser asks the locally configured DNS server for a translation to an IP address.


2. The DNS server round-robins an address resolution request to one of the CSSs.


3. The selected CSS authoritative DNS server (in this example, CSS-0) determines server availability based on the DNS balance type configured for the zone or the domain record as follows:


•If CSS-0 determines that the best selection is a name server (NS) record, the CSS begins a recursive query of the name server to determine an authoritative response.


•If CSS-0 finds that the best selection is an address record (A-record), it formulates an authoritative response immediately. In this example, CSS-0 decides that the best selection is an A-record (learned through the peer mesh with CSS-1) for a data center in Zone 1.


4. CSS-0 sends an authoritative response that contains the resolved IP address of www.work.com to the client local DNS server.


5. The local DNS server notifies the client that sufficient domain name resolution information is available to establish a data connection to www.work.com.


6. Lastly, the client uses the local DNS server response information (IP address) to connect to a service and starts receiving content. In this example, the best service is located in Zone 1 at IP address 192.168.9.7.



Actions

This Discussion