© F5 Networks, Inc.
How Does DNS Work?
http://www.domain.com
A user browses to www.domain.com
LDNS
Root DNS Server (one of 16 from root.hints)
Is there a record for www.domain.com?
Is there a record for www.domain.com?
Go ask .com
.com DNS Server
Is there a record for www.domain.com?
Go ask domain.com
The LDNS asks .com for www.domain.com, which returns
an NS record for domain.com
The LDNS asks domain.com for www.domain.com, which returns
an A record
Is there a record for www.domain.com?
66.163.171.129
domain.com DNS Server
LDNS
Root DNS Server (one of 16 from root.hints)
.com DNS Server
domain.com DNS Server
How Does DNS Work?
66.163.171.129
Web Server
http://www.domain.com
Is there a record for www.domain.com?
The browser opens a connection to address:80 and does a GET /…
… And the server returns the Web page response
66.163.171.129
The LDNS returns the A record to the client and
caches it locally
66.163.171.129
General Use Cases for DNS Delegation
LDNS
www.company.com DNS Server
LDNS requests www.company.com
CNAME www.company.com to www.subzone.company.com
www.subzone.company.com DNS Server
www.subzone.company.com returns an A record with the IP address of the desired resource
LDNS requests www.subzone.company.com
DNS Load Balancing with LTM (No GTM)
LDNS
Data Center
DNS Servers
company.com
LDNS requests www.company.com
LTM responds with the DNS A record
LTM passes the request to the DNS
server pool
The DNS server responds with an A record IP for www.company.com
BIG-IP Local Traffic Manager
DNS iRules*
IP Anycast*
*Requires DNS Services Add-on
Data Center
BIG-IP Global Traffic Manager
company.com DNS Server
www.gtm.company.com
GSLB and Delegation Mode
LDNS
Root DNS Server
Is there a record for www.company.com?
Is there a record for www.company.com?
Go ask .com
.com DNS Server
Is there a record for www.company.com?
Go ask company.com
Is there a record for www.company.com?
Return CNAME www.gtm.company.com
http://www.company.com
DNS Delegation Sample Configuration
Example database prior to delegation:
www.domain.com. IN A 200.10.10.10
www.domain.com. IN A 150.10.10.10
Example database after delegation:
wip.domain.com. IN NS gtm1.wip.domain.com.
wip.domain.com. IN NS gtm2.wip.domain.com.
gtm1.wip.domain.com. IN A 200.10.10.53
gtm2.wip.domain.com. IN A 150.10.10.54
www.domain.com. IN CNAME www.wip.domain.com.
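A lint pass over the post-delegation records above, as an added example that is not part of the original slides or any F5 tooling. It flags missing glue for in-zone name servers, a CNAME left alongside the old A records, and a CNAME whose target is neither delegated nor present; the function names are hypothetical, and the snippet is assumed to be the whole parent-zone view.

```python
# Added example (not from the slides): lint a zone snippet for delegation mistakes.
# Records are the "after delegation" sample from the page.
SAMPLE_AFTER = """\
wip.domain.com.       IN NS    gtm1.wip.domain.com.
wip.domain.com.       IN NS    gtm2.wip.domain.com.
gtm1.wip.domain.com.  IN A     200.10.10.53
gtm2.wip.domain.com.  IN A     150.10.10.54
www.domain.com.       IN CNAME www.wip.domain.com.
"""

def parse(text):
    """Return (owner, type, rdata) tuples from 'owner IN type rdata' lines."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop zone-file comments
        if not line:
            continue
        owner, cls, rtype, rdata = line.split(None, 3)
        if cls.upper() != "IN":
            raise ValueError(f"unsupported class in: {line!r}")
        records.append((owner.lower(), rtype.upper(), rdata.strip().lower()))
    return records

def in_zone(name, zone):
    """True if name equals zone or sits below it (both fully qualified)."""
    return name == zone or name.endswith("." + zone)

def lint_delegation(text):
    """Return a list of problem strings; an empty list means the checks passed."""
    recs = parse(text)
    problems = []
    cuts = {o for o, t, _ in recs if t == "NS"}            # delegated zones
    addrs = {o for o, t, _ in recs if t in ("A", "AAAA")}  # names with addresses
    cnames = {o: r for o, t, r in recs if t == "CNAME"}
    # A name server inside the zone it serves is unreachable without glue.
    for o, t, r in recs:
        if t == "NS" and in_zone(r, o) and r not in addrs:
            problems.append(f"missing glue for {r}")
    for owner, target in cnames.items():
        # A CNAME owner may not carry other data, e.g. pre-delegation A records.
        if any(o == owner and t != "CNAME" for o, t, _ in recs):
            problems.append(f"{owner} has CNAME and other data")
        # Assumption: every CNAME target must be delegated or defined here.
        if not any(in_zone(target, c) for c in cuts) and target not in addrs:
            problems.append(f"dangling CNAME {owner} -> {target}")
    return problems
```
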
GSLB and Delegation Mode
LDNS
Is there a record for www.gtm.company.com?
Is there a record for www.gtm.company.com?
Go ask .com
Is there a record for www.gtm.company.com?
Go ask company.com
Is there a record for www.gtm.company.com?
Root DNS Server
.com DNS Server
Data Center
BIG-IP Global Traffic Manager
company.com DNS Server
www.gtm.company.com
http://www.company.com
GSLB and Delegation Mode
http://www.company.com
LDNS
Is there a record for www.company.com?
Data Center
BIG-IP Global Traffic Manager
company.com DNS Server
www.gtm.company.com
66.163.171.129
66.163.171.129
66.163.171.129
66.163.171.129
X 72.68.171.103
Is there a record for www.gtm.company.com?
BIG-IP DNS Authoritative Screen
LDNS
www.subzone.company.com DNS Server
Data Center
company.com
LDNS sends a DNS query
BIG-IP GTM/LTM-DNS Services
Resolved DNS request
If GTM is enabled, check GTM Wide IPs and, if matched, resolve to the best IP
www.gtm.company.com
DNS Listener on the BIG-IP receives all DNS requests
Else, forward the query to external DNS
servers
If DNS Express is enabled, check against
DNS Express zones and then local BIND
BIG-IP DNS Authoritative Screen
LDNS
www.subzone.company.com DNS Server
Data Center
company.com
www.gtm.company.com
DNS Express
DNSSEC
Geolocation
DNS iRules
BIG-IP GTM/LTM-DNS Services
Objects in the GTM Architecture
Wide IP (WIP) objects
• Fully Qualified Domain Names (FQDNs) associated with one or more pools
Pool objects
• Groups of virtual servers to be load balanced
Virtual server objects
• IP address:port combinations on server objects
• Applications to load balance/resolve to
• May represent multiple real servers (load balancers)
• Or a single physical (standalone) server
• Server objects often host multiple virtual servers
Primary DC, Secondary DC, Disaster Recovery DC
GTM GTM GTM
LTM LTM LTM
Server Server
GTM Pool
Virtual Servers: 73.37.1.1:80, 68.28.1.1:80, 73.37.1.11:21, 205.33.1.1:80
Wide IP: www.f5.com = 73.37.1.1 or 68.28.1.1 or 205.33.1.1