Cisco Ace GSS Vs Bind

Unanswered Question
Oct 1st, 2010

I have a client that implements its data center redundancy via BIND using its DNS features. I´m trying to sell cisco Gss to that customer. What are the improvements that I could get with Cisco GSS? Just the DOS protection and interconection with ACE for health checking?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
chrhiggi Wed, 10/20/2010 - 10:26


The GSS itself is meant to be an intelligent DNS server.  What it provides:

1.) Probing for the answers it sends back to clients, dynamic removal of answers if probes fail.

2.) Failback clauses - if a primary set of answers are all unavailable, multiple other groups can be configured. This allows multiple levels of failure mitigation.

3.) Load based answering - using Kal-AP, the GSS can probe a CSS, CSM, or ACE device to determine which site is most/least loaded and send answers for a site accordingly.

4.) Proximity based answering.  The GSS uses DRP agents to find which GSS is local to the client D-proxy and pull answers for that specific site.

5.) DOS attack prevention.

6.) CNR (full DNS server - a stand alone GSS only responds to A queries or forwards requests to an NS server.)

GSS Admin Guide

GSS Configuration Guide

GSS - CNR Installation

CNR configurations


This Discussion