Re: GSS topology

kanaris · ‎01-24-2007

Hi there,

We are currently in the process of installing two GSS's into our environment. I have a couple of questions:

Should the GSS's take the place of the DNS servers in the topology?

Is it a better design to use NS records on your existing DNS servers to point to the GSS's?

Thanks

K

bhedlund · ‎01-27-2007

GSS at this time is not a full blown DNS server. For example, it does not handle MX records.

GSS is best implemented as a NS to subdomains of your authoritative domain, integrating into your existing DNS structure.

For example:

foo.com = your existing DNS servers

www.foo.com = your GSS

Hope this helps. Please rate :)

-Brad

kanaris · ‎01-29-2007

Hi Brad,

Do you think that it is best to position your GSS outside your firewall? Would this give you the best picture of availability of your services? Thanks.

K

bhedlund · ‎02-01-2007

Good question.

I think the best scenario would be to locate your GSS boxes outside of the sites altogether, if possible, such as at a hosting facility. This gives them the best visibility to health of each datacenter.

If this is not an option, locating them in a DMZ should be fine. Just make sure that when GSS-1 located at site-1 probes site-2, the keepalives go out to the internet, and not through the internal network.

Hope this helps. Please rate :)

-Brad

scott-goodwin · ‎02-05-2007

The way we implemented it, as we wanted the uses to be able to browse .foo.com and www.foo.com was to make the 2 GSS authoritive for the domains.

However we had our "old" dns servers set as primary secondary forwarders on the GSS and they held all the MX records etc...

Cheers

Scott

kanaris · ‎02-05-2007

Hi Scott,

Did you place your gss on the outside of your firewall, or in a DMZ. Thanks.

Kanaris