Table of Contents
Advertisement
1
Transparent DNS query intercept
Use the following CLI method to configure this feature.
To configure the ServerIron ADX to redirect queries to an alternative DNS server, enter commands
such as the following:
ServerIronADX(config)# source-ip 209.157.23.100 255.255.255.0 0.0.0.0
ServerIronADX(config)# server remote-name dns-redirect 209.200.22.100
ServerIronADX(config-rs-dns-redirect)# source-nat
ServerIronADX(config-rs-dns-redirect)# port dns
ServerIronADX(config-rs-dns-redirect)# exit
ServerIronADX(config)# server virtual-name-or-ip dns-intercept 209.157.23.130
intercept
ServerIronADX(config-vs-dns-intercept)# port dns
ServerIronADX(config-vs-dns-intercept)# bind dns dns-redirect dns
ServerIronADX(config-vs-dns-intercept)# exit
ServerIronADX(config)# gslb dns zone brocade.com
ServerIronADX(config-gslb-dns-brocade.com)# host-info www http
ServerIronADX(config-gslb-dns-brocade.com)# exit
Syntax: [no] server source-ip <ip-addr> <ip-mask> <default-gateway>
NOTE
The gateway parameter is required. If you do not want to specify a gateway, enter "0.0.0.0".
This command adds a source IP address. The ServerIron ADX uses the source IP address in
packets that it sends to the alternative DNS server (the "real server"). Add an address that is in the
same subnet as the ServerIron ADX's management IP address. If you do not add a source IP
address and enable source NAT, the ServerIron ADX leaves the client's IP address in the source
address field of the redirected IP packets and as a result may not receive the alternative DNS
server's responses. The ServerIron ADX needs to receive the responses so it can modify the source
IP address to match the address of the authoritative DNS server, so that when the client receives
the response, the response appears to be from the authoritative DNS server. The redirection is
thus transparent to the client.
Syntax: [no] server remote-name <name> <ip-addr>
This command adds the alternative DNS server (the one to which you want to redirect queries). You
can enter this command multiple times for multiple alternative DNS servers.
NOTE
You can configure the alternate DNS server as a real server if it is in the same subnet as the
ServerIron ADX.
Syntax: [no] source-nat
This command enables source NAT. Source NAT allows the ServerIron ADX to change the source IP
address in the client request to one of the source addresses configured on the ServerIron ADX. You
must configure a source IP address and enable source NAT. You can enable source NAT globally or
on individual real servers (as in the example above).
Syntax: [no] port dns
This command enables the DNS port on the real server. You must use this command so that the
ServerIron ADX knows you want to redirect DNS traffic to the real server (the alternative DNS
server).
Syntax: [no] server virtual-name-or-ip <name> <ip-addr> intercept
98
ServerIron ADX Global Server Load Balancing Guide
53-1002437-01
Advertisement
Table of Contents
Related Manuals for Brocade Communications Systems ServerIron ADX 12.4.00
Related Products for Brocade Communications Systems ServerIron ADX 12.4.00
- Brocade Communications Systems ServerIron ADX 12.4.00a
- Brocade Communications Systems SERVERIRON ADX 1000
- Brocade Communications Systems SERVERIRON ADX 10000
- Brocade Communications Systems ServerIron ADX 1000F
- Brocade Communications Systems SERVERIRON ADX 4000
- Brocade Communications Systems ServerIron ADX 8000
- Brocade Communications Systems A7533A - Brocade 4Gb SAN Switch Base
- Brocade Communications Systems AE370A - Brocade 4Gb SAN Switch 4/12
- Brocade Communications Systems AA979A - StorageWorks SAN Switch 2/8V
- Brocade Communications Systems A7990A - StorageWorks SAN Director 4/16 Blade Switch
- Brocade Communications Systems AP7420 Series
- Brocade Communications Systems AM866A - StorageWorks 8/8 Base SAN Switch
- Brocade Communications Systems SMI Agent 120.11.0
- Brocade Communications Systems Access Gateway
- Brocade Communications Systems Network Advisor SMI Agent 12.0.0
- Brocade Communications Systems 200E Series