HP VPN Firewall Appliances High Availability Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

211

212

213

214

215

216

217

218

219

220

208

• A DNS MX record defines the mapping between a domain name and mail server name. When an

Internet user sends an Email, the local mail server typically sends a DNS request to the LB device first

to query the MX record of the mail recipient address.

Inbound link load balancing operates in the following way:

1. Upon receiving a DNS request sent by the local server (local DNS server or local mail server), if the

request is an MX record query request, the LB device searches a match, resolve the domain name

suffix of the recipient address to a mail server name, and goes to the following step to search an

A record by using the mail server name as the requested domain name. If the request is an A

record query request, it goes to the following step.

To reduce packet exchanges, the LB device uses the MX query result to query A records, and adds

the A record query result as an appended record into the MX response to send to the local server.

When querying MX records, if finding multiple matches, the LB device returns at most 10 matches

to the local server, which selects one according to the priority of the MX records.

2. The LB device uses the requested domain name to search the inbound link load balancing DNS A

record for a match. If the source IP address of the DNS request matches the ACL in the DNS record,

the LB device responds with the IP address in the DNS record. Otherwise, it goes to the following

step.

3. The LB device matches the source IP address of the DNS request against the best performing link

entry, uses the physical link in the matched best performing link entry, and responds with the IP

address in the corresponding DNS A record. If no match is found, the LB device performs best

performing link detection on all the physical links corresponding to the DNS A records that match

the domain name to generate a best performing link entry, and goes to the following step.

4. If ISP routing is enabled, the LB device matches the source IP address of the DNS request against

the ISP entry, uses the physical link in the matched ISP entry, and responds with the IP address in

the corresponding DNS A record. If ISP routing is not enabled or no match is found, the LB device

does not add the search result of the A record when the request is an MX record query request. The

LB device uses the physical link that corresponds with the first DNS record that matches the

requested domain name, and responds with the IP address of the DNS record if the request is an

A record query request.

Recommended configuration procedure

Configuring outbound link load balancing

Ste

Remarks

1. Saving of the last hop

information

Optional.

For more information, see "Configuring public parameters."

2. Configuring a health monitoring

method

Optional.

3. Creating a physical link

Required.

4. Configuring the best performing

link function

Optional.

Configure dynamic best performing link parameters and static best

performing link entries.

For outbound link load balancing, this function is available only when

enabling of best performing link is configured for a virtual service.