cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5972
Views
25
Helpful
17
Replies

VCS Expressway Cluster DNS SRV Records

joemartinez316
Level 1
Level 1

Hello Support,

I've seen many examples of the DNS SRV records and have read the  VCS Cluster Creation Deployment Guide for X8.1 example. I was hoping I could a second set of eyes to verify that my DNS configuration below is accurate. Here is what I have so far:

VCS Expressway LAN 1 Ports are to be used for the VCS Cluster in the DMZ and will not be NAT'd. LAN 2 Ports point to the public internet and are NAT'd.

- Domain: vc.example.com

- Cluster A Record: vcse-nb.vc.example.com points to both VCS Expressway IP address in Round Robin fashion with equal weight and priority (12.x.x.1 and 12.x.x.2)

- VCS Expressway A Records

Vcse-nb-1.vc.example.com – 12.x.x.1

Vcse-nb-2.vc.example.com – 12.x.x.2

DNS SRV Records

_sips._tcp.vc.example.com. 86400 IN SRV 1 1 5061 vcse-nb-1.vc.example.com.

_sips._tcp.vc.example.com. 86400 IN SRV 1 1 5061 vcse-nb-2.vc.example.com.

_sip._tcp.vc.example.com. 86400 IN SRV 1 1 5060 vcse-nb-1.vc.example.com.

_sip._tcp.vc.example.com. 86400 IN SRV 1 1 5060 vcse-nb-2.vc.example.com.

_h323ls._udp.vc.example.com. 86400 IN SRV 1 1 1719 vcse-nb-1.vc.example.com.

_h323ls._udp.vc.example.com. 86400 IN SRV 1 1 1719 vcse-nb-2.vc.example.com.

_h323cs._tcp.vc.example.com. 86400 IN SRV 1 1 1720 vcse-nb-1.vc.example.com.

_h323cs._tcp.vc.example.com. 86400 IN SRV 1 1 1720 vcse-nb-2.vc.example.com.

 

My question is in this example would I need to create SRV records that point to the Cluster A record? I have seen many examples of this but I can't seem to wrap my head around why this would be needed. I appreciate you help!

Thanks,

Joe

 

17 Replies 17

Patrick Sparkman
VIP Alumni
VIP Alumni

There are a few ways you can approach this.

  1. Create an SRV record pointing to each VCS peer A record.  This would lead to two SRV records for each protocol pointing to the different VCS peers.
  2. Create an SRV record pointing to a cluster FQDN, which in turn is pointing to the different VCS peers.  This would lead to a single SRV record for each protocol pointing to the FQDN of the VCS cluster.

I've seen some sites that use either methods above, and they both work.

Going off of your examples in your post, you are correct.

Thank you Patrick! So in my scenario would the Cluster A record just be used for endpoint registration and redundancy while the DNS SRV records would be used for locating the VCS Expressways based upon the service protocol for call processing?

I've never really understood the part about the cluster FQDN portion of the deployment guide, I believe it was used with the old provisioning model within TMS, (TMS Agent Legacy), but I can't say for certain.

DNS SRV records could be for both registration and calling.  Note, if you'd like to use SRV records to register H323 endpoints, you'd also need to include _h323rs._tcp over port 1719.

We use a single SRV record for each protocol/port pointing to a cluster FQDN, which has each peers A record assigned to it.  If anything, you could configure all parts of it if you're unsure.  I know I ran through this same scenario as you when we implemented a VCS Expressway this past December, trying to wrap our heads around the DNS portion, what is what, and how to best approach it.

Hi Patrik, I have many doubts or round robin dns srv , but your explanation is very good.

as in the previous example :

We use a single SRV record for each protocol/port pointing to a cluster FQDN, which has each peers A record assigned

How to do that in DNS?

name = 1 ip?

Sorry , I do not know dns

thans

 

Alejandro -

SRV record would point to your VCS Expressway cluster FQDN.  Your VCS-E cluster FQDN would point to each Expressway peer.  You create an A record with the same domain entry for each peer IP address.

then :

A record for each vcse :

vcse1.vc.domain.com point IP public vcse1

vcsex.vc.domain.com point IP public vcsex

FQDN for cluster name :

 

vc.domain.com point to vcse1.vc.domain.com and vcsex.vc.domain.com?

 

oh , sorry , my knowledge are very limits !!!

 

 

 

 

 

 

 

vc.domain.com points to both vcse1 and vcsex IP address.  In DNS, you can create an A record using the same domain (vc.domain.com) pointing to several IPs.  And anything trying to communicate to that domain will use round-robin, making their way through each IP.

oh ! i`m Sorry I do not understand.
I'll make a diagram to put it graphically.

 

attach simple diagram , thanks 

What you have is correct, you can do it either way, it's really how you want to setup your DNS.  There are many ways to do this, and it's really all down to personal preference and how someone wants to manage the records.

However in your diagram you mention that vc.example.com point in round robin to IP public 1 and 2, then you have an SRV record below that, that points to the cluster FQDN.  You wouldn't point the domain to the VCS peers and then create a SRV record pointing to the cluster FQDN.  You'd do one or the other.

You could do the following, the end results are the same, just different ways to approach how to do it.

Option #1

Create H323/SIP SRV records and point them to the IP of each VCS Expressway peer.  Downside to Option 1 is you have double the SRV records in your DNS to manage.  On the upside, you can prioritize one peer over another using the SRV records because you have individual records for each peer for each protocol in use.

Option #2

Create H323/SIP SRV records and point them to a single VCS Expressway cluster FQDN.  The Expressway cluster FQDN points to the IP of each VCS Expressway peer.  Downside to Option 2, you can't prioritize one peer over another, its dependent on DNS round-robin.  On the upside, it's less DNS records to manage.

Hi.

 First, thanks for your time.

Attached a diagram, with option 1 for internal DNS and option 2 for external dns

It`s that correct? DNS administrator will understand it. 

Use the same domain (vc.example.com) to sip, internal DNS and external Dns can have problems ?

For example, in the jabber for telepresence, all data would not access the same? (vc.example.com)

 

Thanks a lot !!!!!!!!!

Having the same domain internal and external shouldn't cause problems, as long as the internal gets routed to the Control and not the Expressway.  External of course can't reach the Control, so they'd get directed to the Expressway.  We have a similar setup with our DNS.

Your diagram looks good, one thing I noticed though, for one of the public SRV records you have vcse-nb-2.vc.example.com, don't you mean to have that be vcse2.vc.example.com?

Copy/paste .... :)

I will follow this diagram.

Thanks a million , Patrick.

No problem, and by the way, what you have is pretty much the same as the original poster of this discussion, not sure if you noticed.