GSS Proximity

yves.haemmerli · ‎02-24-2005

In the Global Proximity Configuration, the "wait" parameter is disabled by default. GSS Documentation says that the GSS does not wait to perform proximity selection if it has not received the appropriate RTT information and proceeds to the next balance clause.

But how much time does the GSS wait until he decides that it didn't receive appropriate RTT information ? I can imagine that a certain time is considered to allow the DRP agents to do their probing and returning the RTT information to he GSS, right ?

Thank you

Yves Haemmerli

Gilles Dufour · ‎02-25-2005

The first time a Dproxy makes a request to the GSS, here is no entry in the proximity database.

So the GSS will send a request to the DRP agent but it won't wait for the response.

It will move on to the next balance method.

Next time the same Dproxy comes back, we should have a response from the DRP agent already in our database and we can use it.

If you turn "wait" on, we will wait for the DRP response in the case we have no entry in the database.

Regards,

Gilles.

yves.haemmerli · ‎02-27-2005

Hi Gilles,

Thank you for your answer, I really appreciate your contribution in this forum. It is a great added value for us in the field.

As you maybe remember from one of my previous append, I am planning and testing a large GSS deployment with DRP to locate the most proximate Data Center in regard to the Cleint D-Proxy server. During my tests, I realize that the DRP solution is not working as well as expected. This is due to the fact that several DNS proxy server hosted by ISPs simply don't send any RST packet to the SYN/ACK packet sent by the DRP agent (an IOS router). An example is Wanadoo DNS (80.12.255.135 and .136). The ICMP echo probing method is not accepted either. This is causing a real issue as the proximity feature is not reliable at all..

What do you think about this question and what would be the recommendation ?

Thank you,

Yves

Gilles Dufour · ‎02-28-2005

Unfortunately, I have no answer for this question.

I understand some ISP may filter external access to their dns servers and I don't know what to do in this case.

I would say the only solution is static proximity entry.

And an email to the ISP to inform them about the problem as more and more people use DRP, they will have to allow some access.

Gilles.

yves.haemmerli · ‎03-02-2005

Hi Gilles,

Yes, I agree with you. However, contacting the ISPs and convince them to allow the DRP probes, its more than difficult...In am in a process to test several ISPs but my first results show that several of them are not allowing SYN/ACK probes...This makes the GSS proximity solution not so reliable. In order to guarantee that all clients get at least an answer, I disabled the "wait" option and configured a default answer which points to the default Data Center.

I have a suggestion to enhance the information displayed by the GSS:

- It would be an advantage to see the percentage of D-Proxy servers, dynamically stored in the Proximity database that responded to the TCP or ICMP probes.

This would give a figure of how pertinent is the proximity load balancing.

Thank you for your feedback

Yves