53-1003245-01 July 2014 Brocade Virtual ADX Global Server Load Balancing Guide Supporting Brocade Virtual ADX Version 03.1.
Copyright © 2014 Brocade Communications Systems, Inc. All Rights Reserved. ADX, AnyIO, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, ICX, MLX, MyBrocade, OpenScript, VCS, VDX, and Vyatta are registered trademarks, and HyperEdge, The Effortless Network, and The On-Demand Data Center are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned may be trademarks of their respective owners.
Contents Preface Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Command syntax conventions . . . . . . . . . . . . . . . . . . . . . . . . . . viii Notes, cautions, and warnings . . . . . . . . . . . . . . . . . . . . . . . . . . viii Brocade resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Site persistence in GSLB using stickiness. . . . . . . . . . . . . . . . . . . . . 59 Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Enabling sticky GSLB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Allowing sticky sessions for a specific prefix length . . . . . . . . . 61 Configuring the sticky GSLB session life time . . . . . . . . . . . . . . 61 Displaying current sticky GSLB sessions . . . . . . . . . . . . . . . . . .
Displaying GSLB information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .104 Displaying site information . . . . . . . . . . . . . . . . . . . . . . . . . . . .104 Displaying real server information . . . . . . . . . . . . . . . . . . . . . .108 Displaying DNS zone and hosts . . . . . . . . . . . . . . . . . . . . . . . .109 Displaying metric information . . . . . . . . . . . . . . . . . . . . . . . . . .113 Displaying the default GSLB policy . . . . . . . . . . . . . . . . . . . . . .
DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 IPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 IPv6 address assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Preface Document conventions This section describes text formatting conventions and important notice formats that may be used in this document. Text formatting The following text formatting conventions may be used in the flow of the text to highlight specific words or phrases.
Command syntax conventions Convention Description bold text Identifies command names, keywords, and command options. italic text Identifies variables. [] Syntax components displayed within square brackets are optional. { x | y |z } A choice of required parameters is enclosed in curly braces separated byvertical bars. You must select one. x|y A vertical bar separates mutually exclusive elements. <> Nonprinting characters, for example, passwords, are enclosed in angle brackets. ...
Brocade resources To get up-to-the-minute information, go to http://my.brocade.com to register at no cost for a user ID and password. Release notes are available at http://my.brocade.com. White papers, online demonstrations, and data sheets are available through the Brocade website at: http://www.brocade.com/products-solutions/products/index.page Select Application Delivery Switches on this page to navigate to the relevant product information.
Document feedback • Brocade Supplemental Support augments your existing OEM support contract, providing direct access to Brocade expertise. For more information, contact Brocade or your OEM. • For questions regarding service levels and response times, contact your OEM/Solution Provider. Document feedback Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and completeness of this document.
Chapter Global Server Load Balancing 1 Global Server Load Balancing overview Global Server Load Balancing (GSLB) enables a Brocade Virtual ADX device to add intelligence to authoritative Domain Name System (DNS) servers by serving as a proxy to these servers and providing optimal IP addresses to the querying clients.
1 Global Server Load Balancing overview • Straight-forward configuration • All IP protocols are supported In standard DNS, when a client wants to connect to a host and has the host name but not the IP address, the client can send a lookup request to its local DNS server. The DNS server checks its local database and, if the database contains an Address record for the requested host name, the DNS server sends the IP address for the host name back to the client. The client can then access the host.
Global Server Load Balancing overview 1 The GSLB ADX device uses the GSLB protocol to learn the following information from the site ADX devices: • The VIPs configured on the site ADX devices and the health of the VIPs —The site ADX devices report VIP additions and deletions asynchronously. Each time a VIP is added to a site ADX device, it sends a message to the GSLB ADX device to inform the GSLB ADX device of the change.
1 Global Server Load Balancing overview • • • • nntp: the well-known name for port 119 pop3: the well-known name for port 110 smtp: the well-known name for port 25 telnet: the well-known name for port 23 NOTE To display the list when configuring zone information, enter the host-info host-name ? command, where host-name is a string specifying a host name.
Global Server Load Balancing overview FIGURE 1 1 Global Server Load Balancing configuration This example shows a Brocade Virtual ADX configured as a DNS proxy. The Brocade Virtual ADX is configured as a DNS proxy for the DNS server that is authoritative for the domain brocade.com. To configure the Brocade Virtual ADX as a DNS proxy, you identify the DNS name and configure a virtual IP address (VIP) for the DNS.
1 Global Server Load Balancing overview The client’s local DNS server might cache DNS replies from the authoritative server. Normally, these cached responses would prevent the global SLB from taking place, since the local DNS server would respond directly to the client without sending a recursive query to the authoritative DNS server.
Global Server Load Balancing overview 1 NOTE The default order for the metrics is the order shown above. The GSLB Brocade Virtual ADX evaluates each IP address in the DNS reply based on these metrics. Based on the results, the GSLB Brocade Virtual ADX can reorder the list to place the IP address for the “best” site on the top of the list. If the GSLB policy rejects all of the sites, the GSLB Brocade Virtual ADX sends the DNS reply unchanged to the client.
1 Global Server Load Balancing overview Weighted IP metric You can configure the Brocade Virtual ADX to distribute GSLB traffic among IP addresses in a DNS reply, based on weights assigned to the IP addresses. The weights determine the percentage of traffic each IP address receives in comparison with other candidate IP addresses, which may or may not have assigned weights. NOTE You cannot use the Weighted IP metric if the Weighted Site metric is enabled.
Global Server Load Balancing overview 1 Active Bindings metric You can configure the Brocade Virtual ADX to prefer an IP address with the highest number of active bindings. Active bindings are a measure of the number of active real servers bound to a Virtual IP address (VIP) residing on a GSLB site. The GSLB Brocade Virtual ADX uses the Active Bindings metric to select the best IP address for the client.
1 Global Server Load Balancing overview Site ADX device’s available session capacity tolerance If multiple sites are equal after the above comparisons, the GSLB Brocade Virtual ADX prefers the site ADX device (remote ADX device) whose session table has the most unused entries. When comparing sites based on the session table utilization, the GSLB Brocade Virtual ADX considers the sites to be equal if the difference in session table utilization does not exceed the tolerance percentage.
Global Server Load Balancing overview 1 Site ADX device’s administrative preference The administrative preference is an optional metric. This metric is a numeric preference value from 0 to 255 that you assign to each site ADX device, to select that ADX device if the previous metrics do not result in selection of a best site. The GSLB policy prefers the site ADX device with the highest administrative preference.
1 Global Server Load Balancing overview Round Robin Selection The Round Robin Selection metric is an alternative to the Least Response Selection metric as the final tie breaker. When you enable Round Robin Selection, the GSLB Brocade Virtual ADX automatically disables the Least Response Selection metric, and instead uses the round-robin algorithm to select a site.
Minimum required configuration 1 If you are configuring more than 256 zones or configuring more than 600 hosts, perform the following tasks. 1. Change the virtual server system parameter to the maximum value supported by the active license. Use the system-max l4-virtual-server command. 2. Change the maximum real server system parameter to the maximum value supported by the active license. Use the system-max l4-real-server command. 3.
1 Minimum required configuration port dns port http bind dns dns-rs dns bind http dns-rs http ! gslb dns zone host-info www http Use server real dns-rs-name dns-ip-addr for a local DNS server. Use server remote-name dns-rs-name dns-ip-addr for a remote DNS server. The host-info defines an enabled application in the DNS zone. For example, you can also specify host-info ftp ftp. Issue show gslb site on the controller to display site communication information.
1 Configuring GSLB To display the default settings, enter the following command (Note the default metric processing order).
1 Configuring GSLB TABLE 1 Configuration tasks: Global SLB (Continued) Feature See page... Private Virtual IPs (VIPs) (optional) Enable a site ADX device to communicate public VIP addresses to a GSLB Brocade Virtual ADX. GSLB parameters (optional) Change the GSLB protocol port number (optional). page 28 Change the GSLB protocol update period (optional). page 28 Modify the GSLB parameters related to DNS responses.
Proxy for DNS server 1 • If a site contains ADX devices, identify the ADX devices within the server sites. This initiates the Brocade GSLB protocol between the ADX device acting as a DNS proxy and the remote ADX devices in the GSLB sites. The DNS proxy uses information supplied by the remote ADX devices to assess the preferability of IP addresses in the DNS replies. NOTE You can use the GSLB Brocade Virtual ADX for standard SLB.
1 Proxy for DNS server The commands in this example add a real server called “dns_ns”. The DNS server has IP address 10.157.23.46. When you add the real server, the CLI changes to the Real Server configuration level. At this level, you can add TCP or UDP ports and, optionally, modify health check parameters. In this example, the DNS port is added. Notice that the proxy option is specified following the dns option.
Proxy for DNS server Virtual Virtual Virtual Virtual Virtual Virtual 1 ADX(config)#gslb site sunnyvale ADX(config-gslb-site-sunnyvale)#si-name slb-1 10.157.22.209 ADX(config-gslb-site-sunnyvale)#si-name slb-2 10.157.22.210 ADX(config)#gslb site atlanta ADX(config-gslb-site-atlanta)#si-name slb-1 192.108.22.111 ADX(config-gslb-site-atlanta)#si-name slb-2 192.108.22.112 These commands configure two GSLB sites: one in Sunnyvale, the other in Atlanta.
1 Proxy for DNS server NOTE If the GSLB Brocade Virtual ADX itself is also a site for a host, the configuration steps are the same as for remote site ADX devices. Add a site definition and then specify the GSLB Brocade Virtual ADX as the Brocade Virtual ADX at the site. Specify the management IP address as the Brocade Virtual ADX IP address.
Proxy for DNS server 1 This example adds the zone brocade.com and two host names within that zone: www and ftp. The GSLB Brocade Virtual ADX will provide global SLB for these two hosts within the zone. Syntax: [no] gslb dns zone-name name The name parameter specifies the DNS zone name. If you delete a DNS zone (by entering no gslb dns zone-name name), the zone and all the host names you associated with the zone are deleted.
1 Proxy for DNS server By default, the Brocade Virtual ADX applies the GSLB policy only to zone and application names that are configured on the Brocade Virtual ADX. Thus, if the Brocade Virtual ADX receives a DNS reply that contains CNAME records for the requested zone and application, the Brocade Virtual ADX does not apply the GSLB policy to the CNAME records. You can enable the Brocade Virtual ADX to search its GSLB database for the zone and application names in CNAME records.
Proxy for DNS server 1 Configuring HTTP health check parameters For HTTP hosts, you also can customize the health check by changing the URL method and the string requested by the Brocade Virtual ADX, as well as the HTTP status codes the Brocade Virtual ADX accepts as valid responses. By default, the Brocade Virtual ADX performs the HTTP health check as follows: • The Brocade Virtual ADX sends a HEAD request for the default URL string, “HEAD /”.
1 Proxy for DNS server Typically, you use this set of features when the DNS server contains a single server address for the actual domain name, but a separate set of proxy server addresses for an alias for that domain name. When you enable DNS cache proxy and configure the alias for the domain on the GSLB Brocade Virtual ADX, the GSLB Brocade Virtual ADX: • Learns the proxy server addresses under the alias on the DNS server instead of the address for the domain’s actual site.
Proxy for DNS server 1 Configuring null host names When you configure a zone name in GSLB, you enter the zone name, then associate host applications with the zone name. For example, you might configure the following for the “brocade.com” zone: • www.brocade.com (HTTP application) • ftp.brocade.com (FTP application) Some e-commerce sites also accept just a zone name as an alias for a specific application within that zone. For example, a site might accept both “www.brocade.com” and “brocade.
1 Private VIPs for GSLB The following commands enable DNS override on the Brocade Virtual ADX. Virtual ADX(config-vs-dns-proxy)#exit Virtual ADX(config)#gslb policy Virtual ADX(config-gslb-policy)#dns override Syntax: dns override You must enable DNS override for the Brocade Virtual ADX to replace the address. Otherwise, the Brocade Virtual ADX still uses the GSLB policy to select a “best” site but does not replace the IP address with the proxy server’s address.
Private VIPs for GSLB 1 Configuring a public IP address for a VIP To configure a public IP address for a VIP that will be used only by the peer GSLB ADX device, but not for a local site (if present), by the ADX device itself, enter commands such as the following. Virtual Virtual Virtual Virtual ADX-B#config t ADX-B(config)#server virtual-name-or-ip dns-test 192.168.10.1 ADX-B(config-vs-dns-test)#gslb-ip 10.95.55.
1 Configuring GSLB protocol parameters To display public IP address information, enter the following command. The display shows that the public IP address, 10.95.55.23, is used by both the local and peer GSLB ADX devices. Syntax: show server virtual-name-or-ip To display the IP address used for a VIP at a given GSLB site, enter the following command. The example shows that the public IP address, 10.95.55.23, is used for the VIP at the site "local" on the ADX device.
Configuring GSLB protocol parameters 1 You can change the period to a value from 1 to 300 seconds. The GSLB Brocade Virtual ADX then informs all the remote ADX devices of the change. To change the GSLB protocol update period, enter the following commands on the GSLB Brocade Virtual ADX. Virtual ADX(config)#gslb policy Virtual ADX(config-gslb-policy)#protocol status-interval 10 The command changes the GSLB protocol update period to 10 seconds.
1 Configuring GSLB protocol parameters • In DNS proxy, the entire list of IP addresses is sent back to the client with the best IP address selected by the controller at the top of the list. This best IP is selected in accordance with the GSLB policy. An administrator typically configures active only, because the LDNS may cache this response for TTL time and may round-robin the IPs in this list in some cases. • Health check in the GSLB policy is disabled.
Configuring GSLB protocol parameters 1 Virtual ADX(config)#gslb policy Virtual ADX(config-gslb-policy)#dns check-interval 50 Syntax: [no] dns check-interval num The num parameter specifies the interval and can be from 1 to 1000000000 seconds. The default is 30 seconds. Changing the TTL for DNS records By default, the Brocade Virtual ADX sets the TTL to 10 seconds in the DNS records in all the replies from the DNS server for which the Brocade Virtual ADX is performing GSLB.
1 Configuring GSLB protocol parameters DNS override is useful when you want to provide the best address for a web proxy without the need to configure the proxy’s IP address onto the DNS server itself. DNS override is a global parameter. You configure redirection on an individual host basis, then globally enable the GSLB Brocade Virtual ADX to replace the IP addresses in the DNS reply with the proxy server addresses you configure.
Configuring GSLB protocol parameters 1 NOTE DNS override is a global parameter but a list of proxy IP addresses are associated with a specific host in a specific domain. If there are no proxy addresses for a given host, the GSLB Brocade Virtual ADX sends the DNS reply unaltered. An exception is if you have enabled the active only feature, in which case the reply contains only the active addresses. Refer to “Removing IP addresses for sites that fail a health check” on page 29.
1 Configuring GSLB protocol parameters TABLE 2 GSLB policy metrics Metric Default Configuration options Server (host) health Enabled. The GSLB Brocade Virtual ADX performs Layer 4 health checks on the TCP or UDP port and Layer 7 health checks on the application, if the application is known to the Brocade Virtual ADX. You can disable this metric.
Configuring GSLB protocol parameters TABLE 2 1 GSLB policy metrics (Continued) Metric Default Configuration options Available session capacity Enabled. The default tolerance is 10%. When comparing sites based on the session table utilization, the GSLB Brocade Virtual ADX will prefer one site over the other only if the difference in session table utilization is greater than the tolerance percentage. You can change the tolerance to a value from 0 – 100%. You also can disable this metric.
1 Configuring GSLB protocol parameters NOTE You also can configure the Brocade Virtual ADX to intercept or directly respond to DNS queries instead of evaluating responses from the authoritative DNS server. Refer to “DNS cache proxy” on page 65 and “Transparent DNS query intercept” on page 69. Changing the order of GSLB policy metrics You can change the order in which the GSLB Brocade Virtual ADX applies the policy metrics. NOTE We recommend that you always use the health check as the first metric.
Configuring GSLB protocol parameters 1 • flashback – The site ADX device’s FlashBack speed (how quickly the GSLB receives the health check results) • • • • • • geographic – The geographic location of the server health-check – The Layer 4 and application health checks num-session – The remote ADX available session capacity order – The order of the IP addresses.
1 Configuring GSLB protocol parameters To enable the administrative preference metric, which is disabled by default, enter the following commands. Virtual ADX(config)#gslb policy Virtual ADX(config-gslb-policy)#preference To specify the site connection limit and enable the connection limit metric, enter commands such as the following. Virtual ADX(config)#gslb policy Virtual ADX(config-gslb-policy)#connection-load limit 500 This command sets the site connection limit to 500 connections.
Configuring GSLB protocol parameters 1 Implementing the Weighted IP metric You can configure the Brocade Virtual ADX to distribute GSLB traffic among IP addresses in a DNS reply, based on weights assigned to the IP addresses. The weights determine the percentage of traffic each IP address receives in comparison with other candidate IP addresses, which may or may not have assigned weights. NOTE You cannot use the Weighted IP metric if the Weighted Site metric is enabled.
1 Configuring GSLB protocol parameters SLB-Virtual SLB-Virtual SLB-Virtual SLB-Virtual ADX(config-gslb-policy)#weighted-ip ADX(config-gslb-policy)#gslb dns zone example1.com ADX(config-gslb-dns-example1.com)#host www http ADX(config-gslb-dns-example1.com)#host www ip-weight 10.1.1.80 50 Syntax: [no] weighted-ip Syntax: [no] gslb dns zone name For name, enter up to 32 characters Syntax: [no] host-info host-name host-application | tcp/udp-portnum The host-name parameter specifies the host name.
Configuring GSLB protocol parameters 1 Virtual ADX#show gslb dns zone ZONE: example12.com HOST: www: * * 10.10.10.200: dns v-ip 10.1.1.101: dns v-ip ACTIVE N-AM ACTIVE N-AM Flashback delay (x100us) TCP APP 9 19 0 0 4 DNS resp. selection counters Count (%) 0 (0%) (100%) Syntax: show gslb dns zone Implementing the Weighted Site metric You can configure the Brocade Virtual ADX to distribute SLB traffic among GSLB sites based on weights configured for the sites.
1 Configuring GSLB protocol parameters DNS response processing When the Weighted Site metric is enabled, the GSLB Brocade Virtual ADX selects an IP address belonging to a particular site to be the best IP address in the DNS reply to a client. The client subsequently makes an SLB request to that IP address. Using the Weighted Site metric, the GSLB algorithm calculates a relative weight for each IP address and selects the IP address with the least relative weight.
Configuring GSLB protocol parameters 1 Configuring Weighted Site metrics To configure Weighted Site metrics, complete the following tasks. 1. Enable the Weighted Site metric. 2. Select the site for which to apply weights. 3. Configure a weight for the site. For example, enter commands such as the following.
1 Configuring GSLB protocol parameters Syntax: show gslb traffic site This command shows the domains hosted by each site. For each domain name, it shows how much traffic was sent to each Brocade Virtual ADX in that site, and the total percentage of traffic sent to the site. The second example shows the third site. SITE: THREE * a.b.c DNS Requests: 36 SI VIP Selection (%) == === 10.1.1.3 10.1.1.183 Site Selection for Domain: 0 (0 %) ============= 0 (0 %) * b.b.
Configuring GSLB protocol parameters 1 In order to implement the Active Bindings metric, the GSLB Brocade Virtual ADX processes information it receives from an agent.
1 Configuring GSLB protocol parameters Syntax: show gslb dns zone Refer to “Displaying the results of traffic distribution for Weighted IPs” on page 40 for an example screen display.
Configuring GSLB protocol parameters 1 Tracking an application port for active bindings You can configure the GSLB Brocade Virtual ADX to track a particular application port for active bindings if multiple application ports are associated with a domain. For example, if application ports HTTP and SSL are configured for www.example4.com, you may need the active bindings count for the VIPs to be based only on the active bindings for the HTTP port but not the SSL port.
1 Configuring GSLB protocol parameters Specifying the site connection limit The site connection limit is the maximum number of new connections per second a site can have without being disqualified by the GSLB policy. During site comparison, when the GSLB policy is comparing otherwise equal sites based on the connection load metric, the policy disqualifies a site if its average number of new connections is higher than the specified connection limit. The same connection limit applies to all sites.
Configuring GSLB protocol parameters 1 This command changes the number of sampling intervals from 5 to 6 but leaves the sample rate set to 5 seconds. At any given time, the site ADX device will have the average load for six intervals, for the previous 5, 10, 15, 20, 25, and 30 seconds. The average connection load will be calculated based on these six samples.
1 Configuring GSLB protocol parameters Changing the session-table capacity threshold and tolerance values You can change the following parameters associated with the session-table metrics: • Session capacity threshold – Specifies how close to the maximum session capacity the site ADX device (remote ADX device) can be and still be eligible as the best site for the client. This mechanism provides a way to shift load away from a site before the site becomes congested.
Secure GSLB 1 When the Brocade Virtual ADX compares the FlashBack speeds, it compares the Layer 7 (application-level) FlashBack speeds first, if applicable. If the application has a Layer 7 health check and if the FlashBack speeds are not equal, the Brocade Virtual ADX is through comparing the FlashBack speeds. However, if only the Layer 4 health check applies to the application, or if further tie-breaking is needed, the Brocade Virtual ADX then compares the Layer 4 FlashBack speeds.
1 Secure GSLB The unencrypted packet refers to the entire packet without a MAC. The sequence number is a 32-bit implicit packet sequence number. This number is initialized to zero for the first packet, and it is incremented for every GSLB protocol packet sent thereafter. The message authentication key is negotiated during authentication phase as described in the section “Initial session key generation” on page 52. • Data authentication: Guarantees that the sender of the data is the legitimate peer.
Secure GSLB 1 From Site ADX device to GSLB Controller: • Site ADX device uses the public key of the GSLB controller to encrypt a random sequence of bytes. • • • • The site ADX device sends these encrypted bytes to the GSLB controller. The GSLB controller uses its private key to decrypt the bytes. The GSLB controller sends the decrypted bytes back to the site ADX device. The site ADX device compares the decrypted bytes to the original bytes it sent to the GSLB controller.
1 Secure GSLB Generating RSA key pair Before authentication can proceed, each ADX device that is secure GSLB enabled must generate a static RSA public/private key pair for itself. The private key is used to prove the identity of the local device. It never leaves the system. In comparison, the public key is sent to the remote peer. The peer then uses that key to decrypt data. The private key and public key compensate each other.
Secure GSLB 1 Exchanging public keys Each ADX device must exchange public keys with each peer ADX device it needs to communicate with. This exchange allows the peers to authenticate before the GSLB communication starts. The ADX device uses an out-of-band channel to deliver the fingerprint of the public key, which ensures the key comes from a trusted authority.
1 Secure GSLB The IP address parameter specifies peer IP address this device talks to. The name parameter specifies the host name of local device. The decimal parameter specifies TCP port used for the key exchange communication, such as the following. Virtual ADX(config)#crypto key-exchange 10.1.1.1 test 111 4. Bob receives David's public key. The fingerprint is printed on Bob's screen. Both Bob and David read out the fingerprint and verify they match.
Secure GSLB 1 To verify the communication state and public fingerprint key entry being exchanged, enter a command such as in the following. SLB-Virtual ADX(config)#show gslb security peer Public key for peer 10.2.2.1 Valid duration(seconds): 30000000 loaded from flash 0 Peer authentication handshake done 1 key get from peer 10.2.2.1 fingerprint: 63743f5c a1b77dbf 68adbb8e 46379203 9647c77c Public key for peer 10.2.2.
1 Secure GSLB The never option, after the initial public key exchange, configures the peer public keys to never automatically expire. They are assumed to be valid until and unless the administrators manually intervene and perform the public key exchange. The keys will be saved and reused for new TCP connections. Network administrators do not need to be involved after initial key exchange.
Site persistence in GSLB using stickiness 1 The random option configures the controller to regenerate session keys for the peer site ADX device at a bounded random frequency. When used with random, the duration parameter specifies the bound on the random key regeneration duration in minutes. The key will be randomly regenerated between 1 minute and the upper bound specified by the duration parameter. Minimum GSLB configuration Following is a sample minimum GSLB controller configuration for Secure GSLB.
1 Site persistence in GSLB using stickiness To ensure the selected IP is still valid for the request, the GSLB controller checks for the following conditions to be true before it returns the reply: • Selected IP still belongs to the requested domain • Selected IP is still active Sticky GSLB is implemented as a GSLB policy, and it can be applied globally or on per host basis. Algorithm The following flow diagram illustrates how the Sticky GSLB algorithm works.
Site persistence in GSLB using stickiness 1 Enabling sticky GSLB Enabling sticky GSLB is the minimum required configuration. On the GSLB controller, to enable Sticky GSLB globally for all the domains, enter commands such as the following. SLB-Ctrl-Virtual ADX(config)#gslb policy SLB-Ctrl-Virtual ADX(config-gslb-policy)#sticky On the GSLB controller, to enable Sticky GSLB for a specific host, enter commands such as the following.
1 Site persistence in GSLB using stickiness Displaying current sticky GSLB sessions To display current Sticky GSLB sessions, rconsole into a barrel processor (BP) and enter the following command. Brocade#show session all 0 Session Info: Flags - 0:UDP, 1:TCP, 2:IP, 3:INT, Index Src-IP Dst-IP ===== ====== ====== 0 10.0.0.5 10.1.1.10 5 1 10.0.0.5 10.1.1.30 5 2 10.1.1.0 255.0.255.0 7 3 10.1.1.6 10.0.0.1 1 4 10.1.1.7 10.0.0.1 1 5 10.0.0.5 10.1.1.10 5 6 10.0.0.5 10.1.1.30 5 7 10.0.0.5 10.1.1.11 5 8 10.0.0.5 10.
Site persistence in GSLB using stickiness 1 Sticky GSLB counters To display how many times an IP address was selected as the best candidate for a client request, enter the following command. Virtual ADX#show gslb dns detail ZONE: gslb.com HOST: www: (GSLB policy: test) Flashback DNS resp. delay selection (x100us) counters TCP APP Count (%) * 10.1.1.30: dns v-ip ACTIVE N-AM 0 0 13 (100%) Active Bindings: 1 site: local, weight: 0, SI: 10.1.1.1 session util: 0%, avail.
1 Site persistence in GSLB using stickiness The “Sticky selection count” is automatically cleared when a site goes down and comes back up, as shown in the following example. Virtual ADX#show gslb dns detail ZONE: a.nab HOST: www: (Global GSLB policy) GSLB affinity group: global * 10.2.2.100 Flashback delay (x100us) TCP APP 0 0 DNS resp. selection counters Count (%) 3 (100%) : cfg v-ip ACTIVE N-AM Active Bindings: 1 site: local, weight: 0, SI: site1 (10.1.1.3) session util: 0%, avail.
DNS cache proxy 1 Deleting sticky GSLB session for a specific client To delete Sticky GSLB sessions for a specific client, enter a command such as the following. Virtual ADX#clear gslb sticky-session client-ip 10.1.1.101 Syntax: clear gslb sticky-session client-ip client-ip The client-ip is the IP address or prefix of the client for which sticky session will be deleted. Deleting all sticky GSLB sessions To delete all the Sticky GSLB sessions globally, enter a command such as the following.
1 DNS cache proxy If the GSLB Brocade Virtual ADX cannot respond directly to the client for the requested domain (for example, because the domain is not configured on the GSLB Brocade Virtual ADX), the Brocade Virtual ADX sends the request through to the DNS server. This is the same behavior as when the DNS cache proxy feature is disabled. NOTE You can combine the DNS cache proxy feature with the DNS override feature to completely eliminate the separate DNS server.
DNS cache proxy 1 • Number of DNS queries the GSLB Brocade Virtual ADX has responded to using the DNS cache proxy feature instead of forwarding the queries to the DNS server. (See the Direct response field under “DNS cache proxy stat:” in the output.) The following statistics are displayed for transparent DNS query intercept: • Number of queries the Brocade Virtual ADX has redirected to a proxy DNS server or another ADX device. (See the Redirect field under “DNS query intercept stat:” in the output.
1 DNS cache proxy When you enable the DNS override feature, you also need to configure an IP list for the required domains. The Brocade Virtual ADX performs health checks on the IP addresses configured for the domains and directly responds to client queries by using the GSLB policy to select the best IP address from the IP list configured for the requested domain.
Transparent DNS query intercept 1 In modes such as DNS proxy, when client sends a query with DNS type ANY, GSLB Brocade Virtual ADX receives the DNS server response containing all the DNS records configured for the domain. In addition to query type A records, GSLB Brocade Virtual ADX also identifies type ANY as a supported query type. It will parse the DNS response to find all the A records contained within the response.
1 Transparent DNS query intercept NOTE A Brocade Virtual ADX configured for transparent intercept redirects or directly responds to client requests only for domain configured on the Brocade Virtual ADX. If the domain name requested by the client is not configured on the Brocade Virtual ADX, it forwards the query to the actual DNS server without intercepting, and the reply is untouched by GSLB. Example Figure 5 shows an example of a configuration that uses transparent DNS query intercept.
Transparent DNS query intercept FIGURE 5 1 Transparent DNS query intercept configuration Redirecting queries To configure transparent DNS query intercept to redirect queries to a proxy DNS server or another GSLB Brocade Virtual ADX: • Configure a real server with the IP address of the proxy DNS server or other GSLB Brocade Virtual ADX to which you want to redirect queries. • Configure a virtual server with the IP address of the authoritative DNS server that you want to intercept.
1 Transparent DNS query intercept NOTE In standard GSLB configuration, the Brocade Virtual ADX sends a DNS query to the DNS server to get the IP addresses for the domain and performs health-checks on them. However in this transparent intercept mode, where you do not do GSLB on the DNS response, the Brocade Virtual ADX does not do these things. NOTE The Brocade Virtual ADX intercepts queries only for domain names configured on the Brocade Virtual ADX.
Transparent DNS query intercept 1 queries. This parameter also instructs the Brocade Virtual ADX to ignore ARP requests and pings to the address. The Brocade Virtual ADX needs to ignore ARPs and pings to the address because the address still belongs to the authoritative DNS server. Without the intercept parameter, the Brocade Virtual ADX will respond to ARPs and pings to the virtual server’s IP address.
1 Transparent DNS query intercept The commands are the same as the ones for configuring the Brocade Virtual ADX to redirect queries directly to another DNS server, with one difference. The command that enables the DNS port on the real server (the other ADX device) uses the proxy parameter. This parameter indicates that the Brocade Virtual ADX needs to perform GSLB on the response before sending the response back to the client.
Transparent DNS query intercept 1 Syntax: host-info host-name ip-list { ipv4-address | ipv6-address } This command specifies the IPv4 or IPv6 addresses you want the Brocade Virtual ADX to use in its replies to the intercepted DNS queries. You can specify as many addresses as you need. Separate each address with a space. The Brocade Virtual ADX applies the GSLB policy to the addresses and sends only the best address in the response to a client query.
1 Enabling DNS request logging Enabling DNS request logging You can enable logging of the following information for DNS requests assisted by the GSLB Brocade Virtual ADX: • • • • • Source IP address (the address of the client making the request) Best IP address (site address provided by the Brocade Virtual ADX) Host Zone Metric used When you enable logging of this information, the Brocade Virtual ADX generates a Syslog message for each DNS requests assisted by the Brocade Virtual ADX.
Enabling DNS request logging 1 Distributed health checks for GSLB The GSLB Brocade Virtual ADX evaluates each IP address in the DNS reply based on a set of criteria. Depending on the results of this evaluation, the GSLB Brocade Virtual ADX reorders the list to place the “best” IP address on the top of the list. Usually, the GSLB Brocade Virtual ADX uses a server’s health as one of the most important criteria to evaluate the server IP addresses in a DNS reply.
1 Enabling DNS request logging Syntax: [no] si-name [name] ip-addr no-si-dist-health-check NOTE The si-name command also has an optional parameter that specifies the ADX device’s preference. This parameter is not related to the distributed health check feature. Enabling the distributed health check feature for an individual site ADX device You can enable the distributed health check feature for an individual site ADX device.
Enabling DNS request logging 1 Configuring the maximum ports per VIP address in a VIP address list message The site ADX device sends a VIP address list message that contains a list of VIP addresses, VIP ports, and associated health and other information to the GSLB controller. By default, each site ADX device can send up to 10 ports for each VIP address. You can configure the site ADX device to send health status of up to 30 ports per VIP address in a VIP address list message.
1 Enabling DNS request logging This configuration can be made locally on the individual site ADX device. If health status reporting interval is also configured globally on the GSLB Brocade Virtual ADX, then the health status interval configuration on the individual site ADX device takes precedence over it for that site ADX device.
Enabling DNS request logging 1 the host servers behind the non-distributed health check site ADX devices. Thus the distributed health check GSLB Brocade Virtual ADX maintains health checks and computes the Flashback delay only for host servers behind the non-distributed health check site Servers. Since Flashback delay is not relevant and not computed for all the host servers, the Flashback metric is disabled by default if the GSLB Brocade Virtual ADX supports the distributed health check feature.
1 Enabling DNS request logging Mandatory configuration is required to disable distributed health check for all ADX devices at site “sunnyvale” since none of the ADX devices at that site support the distributed health check feature. Configure the following on the GSLB Brocade Virtual ADX for site “sunnyvale”.
Enabling DNS request logging 1 In the above example, configure the following on the GSLB Brocade Virtual ADX. GSLB-Virtual GSLB-Virtual GSLB-Virtual GSLB-Virtual check GSLB-Virtual ADX#conf t ADX(config)#gslb site sunnyvale ADX(config-gslb-site-sunnyvale)#no-distributed-health-check ADX(config-gslb-site-sunnyvale)#si 10.1.1.105 enable-si-dist-healthADX(config-gslb-site-sunnyvale)#end Example 3 In this example: • The GSLB Brocade Virtual ADX does not support the distributed health check feature.
1 Host-level policies for site selection Host-level policies for site selection Brocade Virtual ADX provides the following support for configuring GSLB policies for specified GSLB hosts: • • • • Configuring GSLB policies and apply them to hosts within GSLB domains Applying the global GSLB policy to all hosts Applying a host-level GSLB policy to one or more hosts Applying the global GSLB policy to some hosts and host-level GSLB policies to other hosts Global vs host-level policy The parameters for a hos
Host-level policies for site selection 1 Defining a name for a host-level GSLB policy To define a name for a host-level GSLB policy, enter commands such as the following. GSLB-Virtual ADX#config t GSLB-Virtual ADX(config)#gslb-host-policy abc GSLB-Virtual ADX(config-gslb-host-policy-abc)# The commands create a host-level GSLB policy named abc.
1 Host-level policies for site selection • Sampling intervals and sample rate • Interval weights NOTE If the Connection Load limit is not configured in a host-level GSLB policy, but is configured in the global GSLB policy, and the host-level GSLB policy is applied to a host, the Connection Load metric will not be used during the GSLB selection process for that host/zone.
Host-level policies for site selection 1 When you configure a GSLB host-level policy, by default, the DNS TTL modification is enabled in the policy with a TTL value of 10 seconds. When you apply this policy to a host under a GSLB zone, the Brocade Virtual ADX uses the policy TTL value to modify the DNS TTL values in the responses to the client for queries made to the host; irrespective of the DNS TTL configuration in the global GSLB policy. You can change the DNS TTL in a host-level policy.
1 Host-level policies for site selection • TCP tolerance The GSLB Brocade Virtual ADX uses a tolerance value when comparing the Flashback speeds of different sites. The tolerance value specifies the percentage by which the Flashback speeds of the two sites must differ in order for the Brocade Virtual ADX to choose one over the other. The default Flashback tolerance is 10%. Thus, if the Flashback speeds of two sites are within 10% of one another, the Brocade Virtual ADX considers the sites to be equal.
Host-level policies for site selection 1 NOTE When both the Health Check metric and the Flashback metric are disabled for a host-level GSLB policy, the GSLB Brocade Virtual ADX will not perform any Layer 4 or Layer 7 health checks for the hosts/zones for which the policy applies. Changing the order of the metrics You can change the order in which the GSLB Brocade Virtual ADX applies the policy metrics for the host-level policy.
1 Host-level policies for site selection You cannot disable or change the position of the Least Response Selection metric. The GSLB Brocade Virtual ADX uses this metric as a tie-breaker if the other comparisons do not result is selection of a “best” site. Resetting the order of the metrics To reset the order of the GSLB policy metrics in a host-level policy to the default order, and re-enable all disabled metrics, enter commands such as the following.
Host-level policies for site selection 1 Use the Round Robin Selection metric instead of the Least Response Selection metric when you want to prevent the GSLB Brocade Virtual ADX from favoring new or recently recovered sites over previously configured active sites. The Round Robin Selection metric is disabled by default. When you enable the metric, the software automatically disables the Least Response Selection metric, since they are mutually exclusive.
1 Host-level policies for site selection Displaying host-level policy information Displaying a host-level policy To view a particular host-level GSLB policy, enter the show gslb policy host-policy-name command.
Host-level policies for site selection 1 Displaying all GSLB policies To view all defined host-level policies, enter the show gslb policy host-policy-all command.
1 Host-level policies for site selection Displaying the policy used for hosts To view which GSLB policy is being used for hosts, enter the following command. Virtual ADX#show gslb dns detail ZONE: example12.com HOST: www: (GSLB policy: test) * * * * 10.1.1.101: 10.1.1.22: 10.10.10.200: 10.1.1.76: dns dns dns dns v-ip real-ip real-ip v-ip N-AM N-AM N-AM N-AM Flashback delay (x100us) TCP APP 0 0 22 16 ----- DNS resp.
Host-level policies for site selection 1 Displaying the number of host-level policies To view the number of host-level policies configured and the maximum number of policies that can be configured, enter the following command. Virtual ADX#show gslb resources GSLB resource usage: Current Maximum sites 3 128 SIs 1 200 SIs' VIPs 2 2048 dns zones 1 1000 dns hosts 1 1000 health-checks app. 1 1000 dns IP addrs.
1 Host-level policies for site selection Deleting a Policy That Has Been Applied to Hosts To remove references to, and delete a policy from all hosts to which the policy has been applied, enter the following command on the GSLB Brocade Virtual ADX. GSLB-Virtual ADX#clear gslb host-policy abc Syntax: clear gslb host-policy policy-name To remove references to hosts and delete all host-level GSLB policies, enter the following command on the GSLB Brocade Virtual ADX.
Geographic region for a prefix 1 Geographic region for a prefix Brocade’s GSLB policies use a number of metrics, including the geographic location of a server, to evaluate the server IP addresses in a DNS reply. The GSLB Brocade Virtual ADX uses the Internet Assigned Numbers Authority’s (IANA’s) IP address prefixes (IPv4 or IPv6) to generate an initial static database of geographic prefixes.
1 Geographic region for a prefix The GSLB Brocade Virtual ADX determines the geographic location of the client as follows: • For each client query, the GSLB Brocade Virtual ADX determines the geographic location from which the client query came based on its IP address. If the IP address prefix of a user-configured geographic prefix entry matches that of the client, then the geographic location of the client will be as specified in the user-configured geographic prefix entry.
Geographic region for a prefix 1 Displaying the number of geographic prefixes To view the number of geographic prefixes defined on a GSLB Brocade Virtual ADX, enter the following command. Virtual ADX#show gslb resources GSLB resource usage: Current Maximum sites 3 128 SIs 1 200 SIs' VIPs 2 2048 dns zones 1 1000 dns hosts 1 1000 health-checks app. 1 1000 dns IP addrs.
1 Geographic region for a prefix To view all geographic prefixes on the GSLB Brocade Virtual ADX, enter the following command. GSLB-Virtual ADX#show gslb prefix length = 24, prefix prefix source = geographic prefix length = 24, prefix prefix source = geographic cache all geographic user-configured = 10.1.1.0, region = EUROPE (user-configured), = 10.10.10.0, region = ASIA (user-configured) The output above shows the IP address prefix, prefix length, the geographic region and source (user-configured).
GSLB optimization 1 4. After you configure a geographic location for the prefix, the GSLB Brocade Virtual ADX updates the geographic location for the IP addresses as explained in the section “How geographic location is determined” on page 97. 5. To view the geographic location of the IP addresses, enter the show gslb dns detail command. Virtual ADX#show gslb dns detail ZONE: example12.com HOST: www: (Global GSLB policy) Flashback DNS resp. delay selection (x100us) counters TCP APP Count (%) 10.1.1.
1 GSLB optimization Increased VIP support per site and reduced CPU usage on GSLB controller Through use of the VIP List Optimize feature the maximum number of GSLB-enabled VIPs supported per site is 1024 VIPs per site. Use the following commands on controller and site to avail this functionality. 1. On controller, enable VIP list process optimization by issuing the following command at global config level.
GSLB optimization 1 5. Issue the show gslb site command to determine if optimization of the VIP list processing is enabled for a Site Brocade Virtual ADX, as shown in the following. Virtual ADX#show gslb site SITE: site-1 Enhanced RTT smoothing: OFF SI: 10.87.24.37: state: CONNECTION ESTABLISHED Protocol Version: 1 distributed health-chk Active RTT gathering: NO Secure Authenticate/Encrypt: NO, Optimized dist hcheck: YES, Current num.
1 Displaying GSLB information Guidelines and recommendations for using this feature We recommend that you observe the following guidelines when using this feature: • The GSLB controller and ADX device Site functionality (remote or local) should not be configured on the same ADX device. • Domain IPs should be VIPs rather than real IP hosts to minimize the health-check load on the GSLB controller.
Displaying GSLB information 1 To display information for all the configured sites, enter the following command at any level of the CLI. Virtual ADX(config)#show gslb site SITE: sunnyvale SI: slb-1 10.157.22.209: state: CONNECTION ESTABLISHED Protocol Version: 10 distributed health-chk Active RTT gathering: NO Secure Authenticate/Encrypt: NO, Optimized dist hcheck: NO, Current num. Session CPU load Preference Location sessions util(%) (%) 500000 50 35 128 N-AM Virtual IPs: 10.157.22.227(A) 10.157.22.
1 Displaying GSLB information The following example shows information displayed when the connection-load metric is enabled. Virtual ADX(config-gslb-policy)#show gslb site SITE: two SI: 10.1.1.2: state: CONNECTION ESTABLISHED Current num. sessions 6 Session util(%) 0 CPU load (%) 19 Preference (0-255) 128 Location N-AM Connection Load-Avg 30 Virtual IPs: 10.1.1.
Displaying GSLB information TABLE 7 1 Global SLB site information (Continued) Field Description State The state of the GSLB protocol connection between the GSLB ADX device and the site ADX device. The state can be one of the following: • ATTEMPTING CONNECTION – The GSLB ADX device is still trying to establish a GSLB connection with the site ADX device. • CONNECTION ESTABLISHED – The GSLB ADX device has established a GSLB connection with the site ADX device.
1 Displaying GSLB information TABLE 7 Global SLB site information (Continued) Field Description Virtual IPs The virtual IP addresses (VIPs) configured on the ADX device. This information is reported by the site ADX device. The letter in parentheses at the end of each address indicates whether the ADX device is an active or standby ADX device for that address. The letter can be A (active) or S (standby).
Displaying GSLB information 1 To display real server information for the real servers configured on a remote ADX device, enter commands such as the following at any level of the GSLB ADX device’s CLI. Virtual ADX(config)#rshow 10.157.22.209 server real Real Servers Info Name : rs1 Mac-addr: abcd.5a11.d042 IP:10.10.10.
1 Displaying GSLB information To display information about all the DNS zones and host applications configured on the GSLB ADX device, enter the following command at any level of the CLI. Virtual ADX(config)#show gslb dns zone * * * * * 10.157.22.227: 10.157.22.228: 10.224.100.5: 10.100.100.6: 10.34.100.4: dns dns dns dns dns v-ip v-ip real-ip real-ip real-ip ACTIVE ACTIVE DOWN DOWN DOWN N-AM. N-AM. ASIA S-AM. EUROPE Flashback DNS resp.
Displaying GSLB information TABLE 8 1 GSLB zone and host application information (Continued) Field Description Source The value following each server IP address indicates how the ADX device learned the address. This field can have one of the following values: • cfg – The address is one that you associated with the host as part of the DNS override feature. Refer to “Enabling DNS override” on page 32. • d/c – The address was learned from the DNS server and also is one that you associated with the host.
1 Displaying GSLB information TABLE 8 GSLB zone and host application information (Continued) Field Description FlashBack Delay (x100us) The round-trip time for a health check sent by the GSLB ADX device to the host application on the server. The GSLB ADX device can use this information when comparing the servers in order to select the “best” ones for the client. The GSLB ADX device prefers servers with lower round-trip times to those with higher round-trip times.
Displaying GSLB information 1 The text shown in bold type in the example is the information that is not displayed by the show gslb dns zone command Virtual ADX#show gslb dns detail ZONE: b.c HOST: a: Flashback delay (x100us) TCP APP --- * DNS resp. selection counters Count (%) 6 (18%) 10.4.4.11: dns v-ip DOWN N-AM site: four, SI: 10.4.4.1 session util: 0%, avail. sessions: 524286 preference: 125 10.1.1.11: dns v-ip ACTIVE N-AM 0 0 6 (18%) site: local, SI: 10.1.1.1 session util: 0%, avail.
1 Displaying GSLB information To view metric information, enter the show gslb dns detail command. Virtual ADX#show gslb dns detail ZONE: example1.com HOST: www: * * * * Flashback DNS resp. delay selection (x100us) counters TCP APP Count (%) 10.1.1.24: dns real-ip DOWN N-AM --5 (17%) Metric counter (count [selection-metric]): 5[health-check] 10.1.1.101: dns v-ip ACTIVE N-AM 0 0 8 (25%) site: sunnyvale, Virtual ADX: 10.1.1.102 session util: 0%, avail.
Displaying GSLB information 1 Displaying the default GSLB policy To display the default GSLB policy, enter the following command.
1 Displaying GSLB information TABLE 10 GSLB policy information (Continued) Field Description DNS best-only Indicates whether you have configured the ADX device to remove all IP addresses except the “best” address from DNS replies. This field can have one of the following values: • DISABLE – The ADX device does not remove all addresses except the best one. • ENABLE – The ADX device removes all addresses except the best one.
Displaying GSLB information TABLE 10 1 GSLB policy information (Continued) Field Description DNS TTL Indicates the value (number of seconds) to which the GSLB ADX device changes the TTL in each DNS record in the DNS responses before sending them to the client’s DNS server. NOTE: If the Modify DNS response TTL field contains “DISABLE”, the ADX device does not change the TTLs, regardless of the value in this field.
1 Displaying GSLB information Displaying the user-configured GSLB policy To display the user-configured GSLB policy, enter the following command.
Displaying GSLB information 1 Displaying GSLB resources For GSLB parameters, you can display the number of currently configured items and the maximum number of items you can configure on the ADX device. To display this information, use the following CLI method. To display GSLB resource information, enter the following command at any level of the CLI. Virtual ADX#show gslb resources GSLB resource usage: sites SIs SIs' VIPs dns zones dns hosts health-checks app. dns IP addrs.
1 Displaying GSLB information TABLE 11 GSLB resources Field Description sites The number of remote sites configured on the GSLB ADX device. SIs The number of remote site ADX devices configured on the GSLB ADX device. Each remote site ADX devices is associated with a site. When you add a remote site ADX device, the GSLB ADX device uses the GSLB protocol to establish a TCP session with port 182 on the remote ADX device, for gathering information to use with the GSLB policy.
Displaying GSLB information 1 This information can be useful when troubleshooting your GSLB configuration, by showing you the internal servers and port bindings the Brocade Virtual ADX created based on your GSLB configuration. For example, if your configuration uses multiple zone names associated with the same IP address, you can verify that the Brocade Virtual ADX created an alias TCP port number for each additional zone and application associated with the IP address.
1 Displaying GSLB information NOTE Since the dynamic virtual servers use addresses in the 10.10.10.x/23 subnet for the internal database, a GSLB Brocade Virtual ADX cannot support user-configured real and virtual servers in this address range. Virtual ADX(config)#show server dynamic virtual Virtual Servers Info Server Name: 10.10.10.10 IP : 10.10.10.
Displaying GSLB information 1 Virtual ADX(config)#show server dynamic sessions Avail. Sessions = 524287 Total Sessions = 524288 Total C->S Conn = 90 Total S->C Conn = 0 Total Reassign = 0 Unsuccessful Conn = 2 Server State - 1:enabled, 2:failed, 3:test, 4:suspect, 5:grace_dn, 6:active Real Server State CurrConn TotConn TotRevConn CurrSess PeakConn 10.157.22.229 6 0 0 0 0 0 10.157.22.
1 Displaying GSLB information NOTE Affinity groups are not supported in the show gslb cache all affinity command. Syntax: show gslb cache all geographic static To display the user-configured geographic cache entries on the GSLB Brocade Virtual ADX, enter the following command. Virtual ADX#show gslb cache all geographic user-configured prefix length = 20, prefix = 10.1.0.0, region = ASIA prefix source = geographic (user-configured), rtt-update, site = local, Virtual ADX = (10.1.1.
SNMP traps and Syslog messages 1 Virtual ADX#show gslb cache 10.1.1.1 range 2 29 prefix length = 20, prefix = 10.1.0.0, region = ASIA prefix source = geographic (user-configured), rtt-update, site = local, Virtual ADX = (10.1.1.102), rtt = 7 (x100 usec) prefix length = 24, prefix = 10.1.1.0, region = ASIA prefix source = static, Syntax: show gslb cache ip-addr range length-lower length-upper The example above displays all prefix cache entries for address 10.1.0.0, with a prefix length from 2 to 29.
1 SNMP traps and Syslog messages Syslog messages By default, the ADX device’s Syslog buffer is enabled and contains up to 50 entries. To display the GSLB and other Syslog messages, enter the following command at any level of the CLI.
Chapter Global Server Load Balancing for IPv6 2 Global Server Load Balancing for IPv6 overview Global server load balancing (GSLB) enables a Brocade Virtual ADX to add intelligence to authoritative Domain Name System (ADNS) servers by serving as a proxy to these servers and providing optimal IP addresses to the querying clients.
2 Global Server Load Balancing for IPv6 overview • Displaying GSLB for IPv6 configurations: This section describes commands for viewing GSLB configurations on the Brocade Virtual ADX. • Troubleshooting GSLB for IPv6 configurations: This section describes steps that may be taken to troubleshoot GSLB for IPv6 configurations GSLB for IPv6 feature support In the release of GSLB for IPv6, a subset of modes, GSLB policy metrics, and other features and modules are supported.
Global Server Load Balancing for IPv6 overview 2 Fragmentation Fragmentation is not supported in this release. Customers should either configure an active-only policy or best-only policy (refer to “Configuring DNS response parameters” on page 161) or ensure that the number of IP addresses configured in the IP list is small enough to avoid fragmentation (i.e.
2 Global Server Load Balancing for IPv6 overview FIGURE 7 IPv6 GSLB configuration The GSLB controller makes decisions based on the GSLB policy. In the example above, both the IPv6 VIPs were healthy, so client was directed to the IPv6 VIP that was geographically closer based on the configured policy. If the VIP at the geographically closer site (the US site) was down, the GSLB controller would direct traffic to the EU site. 1. US IPv6 client (browser) sends a DNS request for the website brocade.com. 2.
2 Basic GSLB for IPv6 configuration 5. The local DNS server sends the GSLB DNS response to the querying client. 6. The US IPv6 client initiates communication with the selected VIP. Application traffic flows directly between the IPv6 client and the IPv6 VIP at GSLB Site 10. Basic GSLB for IPv6 configuration Basic configuration tasks include the configuration of the GSLB Brocade Virtual ADX and the site Brocade Virtual ADXs to support GSLB of IPv6 addresses.
2 Basic GSLB for IPv6 configuration Adding a VIP for the ADNS server The server virtual-name-or-ip command enables you to define a virtual server port on the GSLB Brocade Virtual ADX. The virtual server acts as the authoritative DNS server (ADNS) for a domain. Clients send queries to the virtual IP address. The ADNS VIP intercepts DNS requests for the domains configured on it.
Basic GSLB for IPv6 configuration 2 NOTE Although DNS override is a global parameter. The response to the client contains all the domain IPs configured for the domain. You can enable the active-only option in the policy, in which case the reply contains only the active addresses. Refer to “Configuring an active-only policy” on page 161. To display the DNS override state, enter the show gslb policy command. The state is shown in the DNS override field.
2 Basic GSLB for IPv6 configuration The tcp/udp-port-num parameter specifies a TCP/UDP port number instead of a well-known port. If the application is not one of those listed above, you still can configure the GSLB Brocade Virtual ADX to perform the Layer 4 health check on the specified port.
Basic GSLB for IPv6 configuration 2 Preserving optimized IPv6 processing with IPv6 GSLB By default, when you enable IPv6 GSLB on the Brocade Virtual ADX, the Brocade Virtual ADX disables the optimized IPv6 path and redirects SLB IPv6 packets to the non-optimized path used by GSLB IPv6 traffic. The directing of the SLB traffic to the non-optimized path adversely impacts the IPv6 SLB system performance. Also, SSL uses the optimized IPv6 path and cannot be deployed on the GSLB Brocade Virtual ADX.
2 Basic GSLB for IPv6 configuration Configuring sites The GSLB protocol is disabled by default. You must enable the GSLB protocol on each site Brocade Virtual ADX. After you enable the GSLB protocol, the GSLB Brocade Virtual ADX finds the site Brocade Virtual ADXs using their IP management addresses, which you specify when you configure the remote site information. When you create a site, you give it a name and identify the Brocade Virtual ADXs in it.
Basic GSLB for IPv6 configuration 2 Site Brocade Virtual ADX configuration Enabling the GSLB protocol The GSLB protocol is disabled by default on site Brocade Virtual ADX switches. You must enable the GSLB protocol on each site Brocade Virtual ADX switch and configure the IP addresses of the site Brocade Virtual ADX switches on the GSLB Brocade Virtual ADX to enable the GSLB Brocade Virtual ADX to establish communication with the site Brocade Virtual ADX switches.
2 Basic GSLB for IPv6 configuration In a DNS cache proxy with DNS override configuration, GSLB Brocade Virtual ADX (the GSLB controller) itself acts as the authoritative DNS server for the configured zones. The gslb policy command changes the CLI to the GSLB policy configuration level. DNS override allows the Brocade Virtual ADX to replace the IP address in the DNS reply with the IP addresses you configure for the DNS cache proxy. These addresses are defined in the IP list.
2 Advanced GSLB configuration for IPv6 The GSLB protocol is disabled by default on site ADX devices for security. After you enable the GSLB protocol on the site ADX devices, the GSLB Brocade Virtual ADX finds the site ADX devices using their configured IP addresses, which you specify when you configure the remote site information.
2 Advanced GSLB configuration for IPv6 TABLE 13 Advanced GSLB for IPv6 configuration tasks (Continued) Feature Reference DNS response parameters Configuring an active-only policy (optional) page 161 Configuring an best-only policy (optional) page 162 Configuring GSLB policy metrics for IPv6 The GSLB Brocade Virtual ADX supports global server load balancing of IPv6 addresses in cache proxy with DNS override mode.
Advanced GSLB configuration for IPv6 TABLE 14 2 GSLB policy metrics for IPv6 (Continued) Metric Default Configuration options Session capacity threshold Enabled. The default value for the threshold is 90%. Thus, a site Brocade Virtual ADX is eligible to be the best site only if its session utilization is below 90%. You can disable this metric. You can change the threshold to a value from 0-100%. Refer to “Session capacity threshold metric” on page 149. Connection load Not supported.
2 Advanced GSLB configuration for IPv6 TABLE 14 GSLB policy metrics for IPv6 (Continued) Metric Default Configuration options Least response selection Enabled. The GSLB controller selects the site ADX device that has been selected less often than others. Not configurable. Refer to “Least response selection metric” on page 157. Round robin selection Enabled. When round robin selection is enabled, the least response selection metric is disabled.
Advanced GSLB configuration for IPv6 2 This command changes the GSLB policy to the following: • • • • • The health check results The session capacity threshold (capacity) of the site ADX device The available session capacity threshold (num-session) of the site ADX device The FlashBack speed of the site ADX device The least response selection (the site ADX device that has been selected less often than others) Two of the metrics, server health and geographic location, are not specified.
2 Advanced GSLB configuration for IPv6 Disabling or re-enabling individual GSLB policy metrics You can explicitly disable individual GSLB policy metrics.
Advanced GSLB configuration for IPv6 2 Weighted IP metric GSLB Brocade Virtual ADX supports the weighted IP policy metric for load balancing of IPv6 addresses. When enabled, the GSLB controller distributes GSLB traffic among IP addresses in the IP list, based on weights assigned to the IP addresses. The weight configured for an IP address determines the percentage of traffic that a IP address receives in comparison with other candidate IP addresses, which may or may not have assigned weights.
2 Advanced GSLB configuration for IPv6 The host-name variable specifies the host name. You do not need to enter the entire fully qualified host name. Enter only the host portion of the name. For example, if the fully qualified host name is www.example1.com, do no enter the entire name. Enter only "www". The rest of the name is already specified by the gslb dns zone command. The host-application parameter specifies the host application for which you want to create an IP list.
Advanced GSLB configuration for IPv6 2 Weighted site metric You can configure the Brocade Virtual ADX to distribute SLB traffic among GSLB sites based on weights configured for the sites. The weights determine the percentage of traffic each site will receive in comparison with other sites, which may or may not have weights. NOTE You cannot use the weighted site metric if the weighted IP metric is enabled. You assign weights to GSLB sites.
2 Advanced GSLB configuration for IPv6 DNS response processing When the weighted site metric is enabled, the GSLB Brocade Virtual ADX selects an IP address belonging to a particular site to be the best IP address in the DNS reply to a client. The client subsequently makes an SLB request to that IP address. Using the weighted site metric, the GSLB algorithm calculates a relative weight for each IP address and selects the IP address with the least relative weight.
Advanced GSLB configuration for IPv6 2 If you consider the total site traffic for both applications, the traffic distribution is as follows: San Jose = 5 (33%); New York = 6 (40%); and London = 4 (26%). The GSLB Brocade Virtual ADX evaluates the results of the weighted metrics with respect to a specific domain name, not an IP address alone. Configuring weighted site metrics To configure weighted site metrics, complete the following tasks: 1. Enable the weighted site metric. 2. .
2 Advanced GSLB configuration for IPv6 Active bindings metric You can configure the Brocade Virtual ADX to prefer an IP address with the highest number of active bindings. Active bindings are a measure of the number of active real servers bound to a virtual IP address (VIP) residing on a GSLB site. The GSLB Brocade Virtual ADX uses the active bindings metric to select the best IP address for the client.
Advanced GSLB configuration for IPv6 2 Configuring weighted active bindings Weighted active bindings allows you to configure the GSLB Brocade Virtual ADX to direct requests to domain VIPs in proportion to their active bindings. For example, if VIP-1 has two active bindings and VIP-2 has one active binding, you can configure the GSLB Brocade Virtual ADX to direct two-thirds of the client requests to VIP-1 and one-third of the client requests to VIP-2.
2 Advanced GSLB configuration for IPv6 Geographic location metric Brocade Virtual ADX GSLB policies use a number of metrics, including the geographic location of a server, to evaluate the server IP addresses in an IP list. Once you configure a geographic region for an IP address prefix, the GSLB Brocade Virtual ADX determines the geographic region of a server in the following ways: • For a real address, the geographic region is based on the IP address.
Advanced GSLB configuration for IPv6 2 • Asia • Africa To configure a geographic prefix, enter commands such as the following: GSLB-Virtual GSLB-Virtual GSLB-Virtual GSLB-Virtual ADX#configure terminal ADX(config)#gslb policy ADX(config-gslb-policy)#geo-prefix 2001:db8::/64 asia ADX(config-gslb-policy)#end These commands create a geographic prefix entry with IPv6 address 2001.db8::, prefix length 64, and geographic region Asia.
2 Advanced GSLB configuration for IPv6 Enabling default geographic location The use-default-location command enables you to ensure that the geographic policy metric is used to load balance client requests even if the client prefix cache maintained by the GSLB Brocade Virtual ADX is full. By default, the GSLB Brocade Virtual ADX ignores the default location of new client requests if its client prefix cache if full.
Advanced GSLB configuration for IPv6 2 To change the session-table capacity metric, enter commands such as the following: Virtual ADX(config)#gslb policy Virtual ADX(config-gslb-policy)#capacity threshold 99 Syntax: [no] capacity threshold num The num parameter specifies the maximum percentage of a site ADX device’s session table that can be in use. If the ADX device’s session table utilization if greater than the specified percentage, the GSLB Brocade Virtual ADX prefers other sites over this site.
2 Advanced GSLB configuration for IPv6 The GSLB Brocade Virtual ADX uses a tolerance value when comparing the FlashBack speeds of different sites. The tolerance value specifies the percentage by which the FlashBack speeds of the two sites must differ in order for the Brocade Virtual ADX to choose one over the other. The default FlashBack tolerance is 10%. Thus, if the FlashBack speeds of two sites are within 10% of one another, the Brocade Virtual ADX considers the sites to be equal.
Advanced GSLB configuration for IPv6 2 NOTE The administrative preference metric is disabled by default and must be enabled before it is used in the GSLB policy algorithm. Once enabled, it is placed after the available session capacity metric. Refer to “Disabling or re-enabling individual GSLB policy metrics” on page 144. Configuring administrative preference for a site Once enabled, the default administrative preference for sites is 128. You can change the preference on an individual site basis.
2 Advanced GSLB configuration for IPv6 Round robin selection metric The round robin selection metric is an alternative to the least response selection metric as the final tie breaker. When you enable round robin selection, the GSLB Brocade Virtual ADX automatically disables the least response selection metric, and instead uses the round robin algorithm to select a site.
Advanced GSLB configuration for IPv6 2 To return the same IP address for a client that has sent requests previously, the GSLB controller must save the following information: • Client IP address/prefix • Domain name the client requested • Selected IP address for the request This information is saved in a session table when the sticky GSLB persistence is enabled, and the GSLB controller creates a sticky session for each client within the session table.
2 Advanced GSLB configuration for IPv6 To specify the prefix length, enter commands such as the following: SLB-Ctrl-Virtual ADX(config)#gslb policy SLB-Ctrl-Virtual ADX(config-gslb-policy)#sticky ipv6-prefix-length 64 Syntax: [no] sticky ipv6-prefix-length decimal The decimal parameter specifies the prefix length of IPv6 DNS clients. The parameter enables you to aggregate DNS clients into one sticky session. The default prefix length is 128 bits.
Advanced GSLB configuration for IPv6 2 IPV4 and IPV6 sticky sessions will share the same special signature. All sticky GSLB ipv6 sessions are identified by the client IP and the following three tuples that remain the same for all sticky sessions: • Dst-IP: 10.0.255.0 • S-port : 7 • D-port : 8 In the example, the second and third rows show IPV6 and IPV4 sticky sessions. Configuring DNS response parameters Fragmentation is not supported for the GSLB Brocade Virtual ADX for IPv6.
2 Displaying GSLB for IPv6 configurations Configuring a best-only policy The GSLB policy places the best IP address selected by the GSLB policy at the top of the list. Use the dns best-only command to configure the Brocade Virtual ADX to return only the best IP address in the DNS response. NOTE If the GSLB policy does not result in the selection of a “best” address, the DNS reply can still contain multiple addresses.
Displaying GSLB for IPv6 configurations TABLE 16 2 GSLB for IPv6 show commands (Continued) Feature Reference Displaying DNS zones and hosts page 169 Clearing DNS selection counters page 172 Displaying detailed DNS information page 172 Displaying site information page 174 Displaying GSLB IPv6 optimization and optimized SLB IPv6 path information page 178 Show commands for basic GSLB configurations Displaying DNS cache proxy statistics Use the show gslb global-stat command, to see view informat
2 Displaying GSLB for IPv6 configurations Displaying the default GSLB policy Use the show gslb default command to view the default GSLB policy settings for the Brocade Virtual ADX including the default processing order of the GSLB policy algorithm and the status of many optional features including the active-only and best-only DNS response parameters.
Displaying GSLB for IPv6 configurations TABLE 17 2 GSLB policy information (Continued) Field Description DNS best-only Indicates whether you have configured the Brocade Virtual ADX to remove all IP addresses except the “best” address from DNS replies. This field can have one of the following values: • DISABLE: The Brocade Virtual ADX does not remove all addresses except the best one. • ENABLE: The Brocade Virtual ADX removes all addresses except the best one.
2 Displaying GSLB for IPv6 configurations Displaying user-configured GSLB policy Use the show gslb policy command to view user-defined GSLB policy settings for the Brocade Virtual ADX including the default processing order of the GSLB policy algorithm and the status of many optional features including the active-only and best-only DNS response parameters.
Displaying GSLB for IPv6 configurations 2 For a description of the information shown by this command, refer to “Displaying the default GSLB policy” on page 164.
2 Displaying GSLB for IPv6 configurations 2001:db8::22001:db8::18218 (50 %) Site Selection for Domain: 18 (50 %) * b.b.c DNS A Record Requests: 0 DNS AAAA Record Requests: 0 SI VIP Selection (%) ----- ----2001:db8::22001:db8::1220 (0 %) Site Selection for Domain: 0 (0 %) The second example shows the third site. SITE:THREE * a.b.c DNS A Record Requests: 0 DNS AAAA Record Requests: 36 SI VIP Selection (%) ----- ----2001:db8::32001:db8::1830 (0 %) Site Selection for Domain: 0 (0 %) * b.b.
Displaying GSLB for IPv6 configurations 2 Displaying DNS zone and hosts Use the show gslb dns command to view information about the DNS zones and host names on GSLB controllers. The command can be used with or without the zone-name variable, which specifies a single zone. If this variable is omitted, all zones are displayed. NOTE If you also want to display information about the site and Brocade Virtual ADX on which a VIP is configured, use the show gslb dns detail command instead.
2 Displaying GSLB for IPv6 configurations TABLE 18 GSLB zone and host application information (Continued) Field Description IP addresses The column of IP addresses lists the IP addresses the authoritative DNS server associated with the host name in the DNS reply. These are the servers that contain the content for the host. In this example, the servers contain the content for www.brocade.
Displaying GSLB for IPv6 configurations TABLE 18 2 GSLB zone and host application information (Continued) Field Description Location The geographic location of the server. The location is based on the IP address and can be one of the following: • ASIA • EUROPE • N-AM : North America • S-AM : South America The GSLB Brocade Virtual ADX can use this information when comparing the servers in order to select the “best” ones for the client.
2 Displaying GSLB for IPv6 configurations Clearing DNS selection counters The GSLB Brocade Virtual ADX maintains DNS selection statistics for each IP address based on DNS requests served for a particular domain name.
Displaying GSLB for IPv6 configurations 2 To display detailed GSLB information about a specific DNS zone, you must specify the zone, as shown in the following example. Virtual ADX#show gslb dns detail brocade.com ZONE: brocade.com HOST: www (Global GSLB policy) GSLB affinity group: global Flashback delay (x100us) TCP APP 0 0 DNS resp. selection counters Count (%) 1 (33%) * 10.18.2.155: cfgv-ip ACTIVE N-AM Active Bindings: 1 site: A, weight: 0, SI: name (10.18.2.150) session util: 0%, avail.
2 Displaying GSLB for IPv6 configurations TABLE 19 Global SLB zone and host application information (Continued) Field Description Avail. sessions Indicates the number of unused sessions in the Brocade Virtual ADX’s session table. Preference The numeric preference value for this site ADX device. The preference can be used by the GSLB policy to select a site. Refer to “Administrative preference metric” on page 156.
Displaying GSLB for IPv6 configurations SITE: atlanta SI: slb-1 192.108.22.111: state: CONNECTION ESTABLISHED Current num. Session CPU load sessions util(%) (%) 750000 75 41 Virtual IPs: 10.157.22.227(A) SI: slb-1 192.108.22.111: state: CONNECTION ESTABLISHED Current num. Session CPU load sessions util(%) (%) 1 0 16 Virtual IPs: 10.157.22.227(S) Preference 2 Location 128 N-AM 10.157.22.
2 Displaying GSLB for IPv6 configurations TABLE 20 Global SLB site information (Continued) Field Description Current num. sessions The number of sessions in the ADX device’s session table. A session is a one-way connection to or from a real server. This information is reported by the site ADX device. NOTE: The number of sessions in the table does not necessarily match the number of active sessions on the real servers.
Displaying GSLB for IPv6 configurations TABLE 20 2 Global SLB site information (Continued) Field Description Virtual IPs The virtual IP addresses (VIPs) configured on the ADX device. This information is reported by the site ADX device. The letter in parentheses at the end of each address indicates whether the ADX device is an active or standby ADX device for that address. The letter can be A (active) or S (standby).
2 Displaying GSLB for IPv6 configurations Displaying IPv6 optimization information Use the show native-ipv6 feature command to display whether GSLB IPv6 optimization and the optimized SLB IPv6 path are enabled on the Brocade Virtual ADX .
2 Troubleshooting GSLB for IPv6 configurations The show server debug command includes additional counters to display IPv6 GSLB processing under the Server Load Balancing Debug Info section, as shown in the following example. Virtual ADX#show server debug ... Server Load Balancing Debug Info Total Get = 11 Get Fails = 0 ... ... TCP SYN to MP = 0 TCP SYN ACK received = 0 TCP pkt received = 0 TCP pkt to MP = 0 GSLB pkt redirects Dropped VIP pings SLB pkts to MP = 1000 = = GSLB V6 Pkt Redirect Avail.
2 Troubleshooting GSLB for IPv6 configurations ********************************************* Domain IP creation stats for BP: Num domain IPs added sync table: 33 ********************************************* PAX Mem domain IP debug information: *********************************************** Num MP domain IP config pax mem alloc: 71 Num MP domain IP non-config pax mem alloc: 0 Num MP domain IP pax mem delete: 36 ********************************************* PAX Mem dynamic real virtual debug information:
Troubleshooting GSLB for IPv6 configurations 2 gslb_stale_vip_list_cnt: 0 gslb sticky: gslb_debug_sticky_dyn_mem_alloc: 0 domain url web: gslb_debug_option_http_url_mem_alloc_web: 0 gslb_debug_option_http_url_mem_alloc_url: 0 gslb_debug_sptr_web_url_free: 0 gslb_debug_sptr_web_free: 0 gslb_debug_option_http_url_mem_free_web: 0 gslb_debug_option_http_url_mem_free_url: 0 gslb_debug_option_http_status_mem_free_web: 0 Resource alloc: gslb_debug_allocate_qname_hash_map_mem: 1 gslb_debug_dns_tcp_msg_alloc: 0 gs
2 Troubleshooting GSLB for IPv6 configurations type GSLB_KEEPALIVE: 8701 type GSLB_SET_PARAMETERS_DIST: 11 type GSLB_VERSION_UPDATE: 8701 type Unknown 18: 1 type GSLB_SET_IPV6_VIP_LIST: 1 Message sent to controller 10.11.11.
Appendix A Reference Materials RFC IPv4 RFC 791 IPv6 RFC 2460 DNS The GSLB ADX uses the Internet Assigned Numbers Authority’s (IANA’s) IP address prefixes (IPv4 or IPv6) to generate an initial static database of geographic prefixes. This database consists of IP address prefixes (IP address/prefix length) and their corresponding geographic locations (such as, the continent for each IP address prefix).
A DNS TABLE 1 4 IPv4 address assignment (Continued) Address Designation 145.248.0.0/14 EUROPE 145.252.0.0/15 EUROPE 145.254.0.0/16 EUROPE 149.202.0.0/15 EUROPE 149.204.0.0/16 EUROPE 149.206.0.0/15 EUROPE 149.208.0.0/12 EUROPE 149.224.0.0/12 EUROPE 149.240.0.0/13 EUROPE 149.248.0.0/14 EUROPE 15.0.0.0/8 NORTH AMERICA 150.254.0.0/16 EUROPE 151.13.0.0/16 EUROPE 151.14.0.0/15 EUROPE 151.16.0.0/12 EUROPE 151.3.0.0/16 EUROPE 151.32.0.0/11 EUROPE 151.4.0.0/15 EUROPE 151.
DNS TABLE 1 A IPv4 address assignment (Continued) Address Designation 17.0.0.0/8 NORTH AMERICA 171.16.0.0/12 EUROPE 171.32.0.0/15 EUROPE 18.0.0.0/8 NORTH AMERICA 19.0.0.0/8 NORTH AMERICA 192.106.196.0/23 EUROPE 192.162.0.0/16 EUROPE 192.164.0.0/14 EUROPE 192.71.0.0/16 EUROPE 193.0.0.0/8 EUROPE 194.0.0.0/8 EUROPE 195.0.0.0/8 EUROPE 196.0.0.0/8 NORTH AMERICA 198.0.0.0/7 NORTH AMERICA 198.17.117.0/24 EUROPE 199.0.0.0/8 NORTH AMERICA 20.0.0.0/8 NORTH AMERICA 200.0.0.
A DNS TABLE 1 IPv4 address assignment (Continued) Address Designation 29.0.0.0/8 NORTH AMERICA 3.0.0.0/8 NORTH AMERICA 30.0.0.0/8 NORTH AMERICA 33.0.0.0/8 NORTH AMERICA 35.0.0.0/8 NORTH AMERICA 38.0.0.0/8 NORTH AMERICA 4.0.0.0/8 NORTH AMERICA 44.0.0.0/8 NORTH AMERICA 45.0.0.0/8 NORTH AMERICA 46.0.0.0/8 NORTH AMERICA 47.0.0.0/8 NORTH AMERICA 48.0.0.0/8 NORTH AMERICA 55.0.0.0/8 NORTH AMERICA 56.0.0.0/8 NORTH AMERICA 6.0.0.0/8 NORTH AMERICA 61.0.0.0/8 ASIA 62.0.0.
DNS TABLE 2 A IPv6 address assignment (Continued) Address Designation 2001:1600::/23 RIPE NCC 2001:1800::/23 ARIN 2001:1A00::/23 RIPE NCC 2001:1C00::/23 RIPE NCC 2001:2000::/23 RIPE NCC 2001:3000::/23 RIPE NCC 2001:3800::/23 RIPE NCC 2001:4000::/23 RIPE NCC 2001:4200::/23 AfriNIC 2001:4400::/23 APNIC 2001:4600::/23 RIPE NCC 2001:4800::/23 ARIN 2001:4A00::/23 RIPE NCC 2001:4C00::/23 RIPE NCC 2001:5000::/20 RIPE NCC 2001:8000::/19 APNIC 2003:A000::/20 APNIC 2001:0000::/20 APNIC 2003:00
A 8 DNS Brocade Virtual ADX Global Server Load Balancing Guide 53-1003245-01
