GSS Implementation at Data Center & DR

Hello All,

First off all I would like to say that I have limited experience in DNS implementation.

I have been trying to find the implementation / configuration example of GSS devices at Data Center and DR, unfortunately I couldn’t find one.

Reading the GUI Configuration guide ver4.1and Forum topics helped me understand the architecture and the functionality of the GSS. GSS acts as the DNS server, provided we need to delegate name resolution requests to the GSS for a particular domain.

I have a pair of GSS 4492 at the DC and a pair of GSS 4492 at the DR, this needs to be implemented to load balance the DNS requests coming from the INTERNET. The NS records for the Customer’s Web URL (for eg., and the A records of the GSS Boxes of DC & DR is hosted in the Service Provider’s Public DNS, for E.g. – IN NS IN NS IN A 21.1.x.x IN A 115.189.x.x

The Data Center & DR is not active / active. DR is standby and if the DC fails for any reason, it will be decided by Customer to bring UP the DR {applications which are Shutdown on the Servers are brought UP}.

I have read and understood the configuration procedure of the GSS from the GUI Configuration guide ver4.1. Resources •à Source List •à Domain List •à Answers •à DNS Rule is what needs to be configured.

Before I go ahead and try out the configuration, I need your help to clarify certain queries which I have explained below –

  • •1.    Is it true if there are two NS records in the Public DNS server for a particular URL / domain, the Public DNS will load balance the name resolution requests to both the NS records in ROUND ROBIN fashion?

  • •2.    If the Public DNS round robins the name resolution requests, then 50% of the requests are hitting on the DR GSS, where the DR GSS is live and reachable but its Answers {DR VIPs} are DOWN. Can we create a DNS Rule on the DR GSS Box with 1st Answer in the Ordered List as to forward the requests to DC GSS “ IN A 21.1.x.x” and then the 2nd Answer as to direct the DNS Requests to the DR VIP. When the DC Fails for some reason, the 1st Answer Redirecting any name resolution request hitting the DR GSS to the DC GSS also FAILS and it triggers the 2nd Answer redirecting the name resolution request to the DR VIP. Will this solution work, Ordered List “1st Answer & 2nd Answer” ??

  • •3.    My colleague who is an Windows Active Directory expert suggested to Add only one NS record entry in the Public DNS of DC Only ie., “ IN A 21.1.x.x”. In the event of DC failure, then ask the Internet Service Provider to add the DR NS Record. And when the DC is bought back online, ask the Service provider to remove the DR NS Record. What is your opinion for this solution?? Will not create problem in the Public DNSs synchronization, because DNSs synchronization will take some time and it is slow

  • •4.    Lastly, can we keep the GSS Box at DR offline, so even if the name resolution request hits the DR GSS it will not respond. Hence the Public DNS, if does not get a response in 10secs it will try for the next available NS record and that is DC GSS. Will this solution work??

Please, I request you to help me clarifying these doubts so I can go and try the configuration of the GSS

Thanks & Regards,

Keshava Raju


