GSLB - DNS response from the wrong interface

norm3000
Level 1

Our Intranet includes two datacenters with a CSS at each datacenter. Each CSS has a circuit to the LAN at that datacenter as well as a circuit to the CSS at the other datacenter via ATM. The problem we are having is with sites that are Global Server Load Balanced by the CSSs. Depending on where the client sits on the network and how the OSPF routing tables look, a client could send a DNS request to one interface on the CSS and get the response from the other interface. When this happens, the DNS response has a source IP of the second interface which looks like a spoof to the client.

I am wondering if anyone else has had this problem and what you have done to fix it. We are considering removing the ATM link between the two CSSs but it is nice to have. In my opinion, the CSS needs to be "fixed" to always source the DNS response with the IP address that it received the request on. In fact, the DNS RFC specifies that DNS servers must do this.

Any thoughts would be appreciated.

Thanks,

Norman Ackroyd

Web Infrastructure Specialist

na11@daimlerchrysler.com
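
One way to confirm the condition described above from a packet capture, as an added example that is not part of the original post: pair each DNS response with its query by client address, client port and transaction ID, then flag any response whose source IP is not the address the query was sent to. The `Datagram` record, the function names and the sample addresses (documentation ranges) are assumptions constructed for illustration.

```python
import struct
from typing import NamedTuple

class Datagram(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes

def dns_header(payload):
    """Return (txid, is_response) from the 12-byte DNS header, or None if too short."""
    if len(payload) < 12:
        return None
    txid, flags = struct.unpack("!HH", payload[:4])
    return txid, bool(flags & 0x8000)  # QR bit set means response

def find_mismatched_responses(datagrams):
    """Flag responses that do not come from the address the client queried."""
    pending = {}   # (client_ip, client_port, txid) -> server address queried
    findings = []
    for d in datagrams:
        hdr = dns_header(d.payload)
        if hdr is None:
            continue
        txid, is_response = hdr
        if not is_response and d.dport == 53:
            pending[(d.src, d.sport, txid)] = d.dst
        elif is_response and d.sport == 53:
            key = (d.dst, d.dport, txid)
            queried = pending.get(key)
            if queried is None:
                findings.append(("unsolicited", d.src, d.dst, txid))
            elif queried != d.src:
                findings.append(("source-mismatch", d.src, queried, txid))
            else:
                del pending[key]  # clean match, query answered
    return findings

def _msg(txid, response):
    # Constructed minimal DNS header: ID, flags, QDCOUNT=1, remaining counts 0
    return struct.pack("!HHHHHH", txid, 0x8180 if response else 0x0100, 1, 0, 0, 0)

# Constructed sample: the second query goes to 192.0.2.1 but the answer
# arrives from 198.51.100.1, the device's other interface.
SAMPLE = [
    Datagram("203.0.113.50", 40001, "192.0.2.1", 53, _msg(0x1A2B, False)),
    Datagram("192.0.2.1", 53, "203.0.113.50", 40001, _msg(0x1A2B, True)),
    Datagram("203.0.113.50", 40002, "192.0.2.1", 53, _msg(0x3C4D, False)),
    Datagram("198.51.100.1", 53, "203.0.113.50", 40002, _msg(0x3C4D, True)),
]
```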

2 Replies

ciscomoderator
Community Manager

Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

troark
Level 1

I think you're describing the default DNS balancing method of roundrobin. Our configurations did exactly the same thing until I added a "dnsbalance preferlocal" in the rules.

http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_410/bsccfggd/owners.htm#22226

Hope I've understood the problem from your description.

Todd Roark

Sr. Network Engineer

Kinder Morgan Inc.
