cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1598
Views
6
Helpful
11
Replies

GSS at ISP cloud

sathappan
Level 1
Level 1

Hi,

We are planning to replace one External DNS server with two GSS appliance. Can the GSS appliance be hosted at ISP cloud?

If it can be, what will be activities that will be done on the ISP side?

With thanks,

Sathappan

1 Accepted Solution

Accepted Solutions

You have two options

1. Leave the existing DNS server authoritative for example.com and delegate the subdomains that are needed to be globally loadbalanced to the GSS. For example if you want www.example.com & www2.example.com to be globally loadbalanced then simply delegate www.example.com & www2.example.com to GSS.This way apart from the GSS delegated subdomains all the other queries will be

served by the Primary DNS server.

Or

2.Make GSS the authoritative for Domain and use NSforwarding for unsupported/not configured answers.

Syed

View solution in original post

11 Replies 11

sadbulali
Level 4
Level 4

You can locate the GSS anywhere in the network as long as the have network connectivity to the device they are monitoring and to the incoming DNS request. Most of the time they are co-located on the same sub-net as the DNS name server they are talking to. So GSS can be located in the DMZ for Internet facing application and in each data

center. Also, for internal application the GSS are in each data center and on the same sub-net as the internal DNS name servers.

sivaprakasam
Level 1
Level 1

You will have to take into consideration that the GSS only supports DNS queries for A Records. For all other types of DNS records including MX, etc the GSS has to configured to forward these requests to another DNS Server that supports it. The GSS is mainly used to provide high availability for application hosting across multiple Data Centers.

If you want the GSS to host all types of DNS Records, you will have to install on the GSS a Cisco CNR (a separate license will be needed) which will behave as nameserver and will deal with all the requests that the GSS is not able to handle.

When CNR is enabled, All “Unknown” or “Un-Matched” requests by the GSS are forwarded to the CNR.

Also when you are ready to migrate to the GSS the NS Records for the domains you are hosting have to be modified on the ISP name Servers to point to the GSS's.

Hope I have answered your question.

Cheers

Siva Srinivasan

HP Enterprise Services

Allow me to make one clarfication -- the option to install CNR on the GSS is no longer offered.

You can run the CNR on a separate server (as with any DNS server) and integrate the DNS handling between the GSS and the CNR.

Cheers,

David K.

Thanks for all your replies.

Did you guys mean to say, that I cannot completely replace a External DNS server with GSS?

with regards

sathappan

That is correct.

GSS provides global traffic management, disaster recovery and network resilience for Data Centers via intelligent DNS name resolution ("A" records).

GSS itself is not a full DNS server platform.

Cheers,

David K.

If the domain name we need to manage has mx records as well, what will be the solution.

Will the GSS forward the mx record entries to another DNS server.

with regards

sathappan

You can achieve that by using "NS forwarding" on GSS. With NS forwarding GSS will answer the configured A record queries and all the unsupported (MX,PTR,SOA, etc...) & not configured queries will be forwarded

to a seperate Bind server.

You will need following configuration to achieve it

1. create an Answer group ( with NS answers with IP address of BIND server).

2. Create a wildcard domainlist for example .*\.yourdomain\.com

3. Create a rule with "Match DNS query type =ALL" selected & "Answer group" and "domain list" created in above steps.

using the best match logic, request that matches GSS existing rules will be served by GSS and all the

other requests for yourdomain.com (including MX,PTR,SOA & A records not configured on GSS) requests will be forwarded to the External BIND server.

HTH

Syed Iftekhar Ahmed

Thanks Syed,

Out of all the replies, I have summarised my solution. Can you verify whether it is fine.

for my domain "www.example.com" if I have to replace my external DNS server with GSS appliance, I have to contact the Domain registration authority to replace the ns server entries. Then add the external DNS server as the forwarding entry in the GSS appliance for mx records.

with regards

sathappan

You have two options

1. Leave the existing DNS server authoritative for example.com and delegate the subdomains that are needed to be globally loadbalanced to the GSS. For example if you want www.example.com & www2.example.com to be globally loadbalanced then simply delegate www.example.com & www2.example.com to GSS.This way apart from the GSS delegated subdomains all the other queries will be

served by the Primary DNS server.

Or

2.Make GSS the authoritative for Domain and use NSforwarding for unsupported/not configured answers.

Syed

Hi,

I have one more clarification regarding the forwarder entries.

Is the forwarder entry global for GSS or we can configure forwarder per domain?

with regards

sathappan

In the 3 steps I mentioned in the previous post you can see that domain lists are used to control what should be forwarded to external DNS.

You can manipulate this domain list in which ever way you like. You can have multiple rules for multiple domain lists and can force requests for different domains hitting different external DNS Servers.

HTH

Syed Iftekhar Ahmed

Review Cisco Networking for a $25 gift card