Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

website name resolutions

We have a setup

Internet----checkpoint firewall---GSS----ACE----Servers

ACE is configured with the rserver ip address and vips.

GSS is pointing to vips ip address.

When any client try to do the nslookup to website address it resolves to

vips ip address which is private.

I need to know is there any setting i need to do on GSS or on checkpoint firewall so that i can resolve website to public ip address.

Thanks in advance.

1 REPLY
Bronze

Re: website name resolutions

1. The client browser asks the locally configured DNS server for a translation to an IP address.

2. The DNS server round-robins an address resolution request to one of the CSSs.

3. The selected CSS authoritative DNS server (in this example, CSS-0) determines server availability based on the DNS balance type configured for the zone or the domain record as follows:

•If CSS-0 determines that the best selection is a name server (NS) record, the CSS begins a recursive query of the name server to determine an authoritative response.

•If CSS-0 finds that the best selection is an address record (A-record), it formulates an authoritative response immediately. In this example, CSS-0 decides that the best selection is an A-record (learned through the peer mesh with CSS-1) for a data center in Zone 1.

4. CSS-0 sends an authoritative response that contains the resolved IP address of www.work.com to the client local DNS server.

5. The local DNS server notifies the client that sufficient domain name resolution information is available to establish a data connection to www.work.com.

6. Lastly, the client uses the local DNS server response information (IP address) to connect to a service and starts receiving content. In this example, the best service is located in Zone 1 at IP address 192.168.9.7.

137
Views
0
Helpful
1
Replies
CreatePlease to create content