Solved: Re: GSS redundancy configuration

new_networker · ‎11-17-2008

Is there any document on configuring GSS devices in redundancy ?

Thanks

Syed Iftekhar Ahmed · ‎11-17-2008

AS I said earlier GSS is little different than other appliances with respect to redundancy.

All the GSSs are active and there is no primary/standby concept with GSSs (as all GSS serve records all time).

On your Authoritative DNS servers you add DNS records for your application

www.abc.com. IN NS gss1.abc.com. <-- NS record for www.abc.com via GSS1

www.abc.com. IN NS gss2.abc.com. <-- NS record for www.abc.com via GSS2

gss1.abc.com. IN A a.b.c.d <-- A record for GSS1

gss2.abc.com. IN A a.b.c.d <-- A record for GSS2

Your Authoritative DNS server then send GSS1/GSS2 ip to the client's DNS server in roundrobin basis (Roundrobin is default DNS behaviour when multiple records are in DNS database. This roundrobin can be changed, for example on Microsoft DNS servers "http://technet.microsoft.com/en-us/library/cc787484.aspx")

.

Since both GSS are active the request could be serve by any GSS.

If one GSS fails then the client DNS server (after not gettting DNS queries answered by the failed GSS) will try the other available GSS.

Syed Iftekhar Ahmed

View solution in original post

Syed Iftekhar Ahmed · ‎11-17-2008

All GSSs in a GSS network are Active (answering DNS requests).

One of the GSSs in GSS network is configured as "Primary GSS Manager (GSSM)" (optionaly another is configured as Backup GSSM). This is the GSS on which all configurations changes are made and monitoring Stats are sent by all other GSSs in the GSS network.

Typically two GSSs are deployed at two data centers. Since both GSSs are defined as Authoritative DNS servers for the VIP, If one GSS fails then (As per typical DNS process) Client's DNS Server will wait 5 sec for the response and then it will mark the failed GSS as failed. After 5 sec the dns request is sent to the other GSS.

Client's DNS server also continues to check the availability of failed GSS (every 10 secs)

For setting up primary/secondary GSSM please consult the GSS config guide

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/gss4400series/v2.0/administration/guide/Man_CLI.html#wp1025476

A good document for site selection at

http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/dcstslt.html

HTH

Syed Iftekhar Ahmed

new_networker · ‎11-17-2008

Thanks.

But can two GSSs be deployed at one site acting as active/standby or active/active.

So if one fails other would be available at the same site. Mainly to avoid single point of failure within one site.

with regards to the above, how will be client DNS server send the DNS request to second GSS. Is it because now the authoritative name server (not GSS) will send back the low priority NS record details.

Syed Iftekhar Ahmed · ‎11-17-2008

AS I said earlier GSS is little different than other appliances with respect to redundancy.

All the GSSs are active and there is no primary/standby concept with GSSs (as all GSS serve records all time).

On your Authoritative DNS servers you add DNS records for your application

www.abc.com. IN NS gss1.abc.com. <-- NS record for www.abc.com via GSS1

www.abc.com. IN NS gss2.abc.com. <-- NS record for www.abc.com via GSS2

gss1.abc.com. IN A a.b.c.d <-- A record for GSS1

gss2.abc.com. IN A a.b.c.d <-- A record for GSS2

Your Authoritative DNS server then send GSS1/GSS2 ip to the client's DNS server in roundrobin basis (Roundrobin is default DNS behaviour when multiple records are in DNS database. This roundrobin can be changed, for example on Microsoft DNS servers "http://technet.microsoft.com/en-us/library/cc787484.aspx")

.

Since both GSS are active the request could be serve by any GSS.

If one GSS fails then the client DNS server (after not gettting DNS queries answered by the failed GSS) will try the other available GSS.

Syed Iftekhar Ahmed