Forum Discussion
TiborP
Altostratus
AltostratusHow to affect Static persist LB method for GSLB pools
We are using GSLB for DNS load balancing to couple of sites with "data" load balancers. We need to achive persistency, so I set Static persist LB method. It works fine for most of the clients. But when client use "cloud" DNS server, I mean google 8.8.8.8 for example, he gets different IP for the same DNS name as he works with the application for some time. And this cause problem. Of course I can enlarge TTL for this record, but I need have it "small" (minutes not hours) for high avaiabilty.
I have found list of google DNS requesting IP, but how can I use it?
Is there anyone with similar problem?
TiborPOK, so we have found official google IP address ranges for their DNS servers 🙂
I have added this to my Topology load balancing scheme, pointing DNS request from there to pool with Global availability LB method. Of course, now all answers to google DNS clients points to one virtual server, but we can live with this.
- TiborP
- TiborP
Problem is NOT on LTM (local traffic manager) and persistence here.
Poblem is on DNS-LB (gslb).
- Paulius
MVP
TiborP So typically with large providers of a caching NS they will typically the users query to them is directed using anycast or some variation of that so that the users request is directed to the closest device to them. This is a guess but most likely what's happening is the source IP of the cache NS is not the same as the IP that the user is querying which results in the user being sent to multiple locations because the cache NS is querying from multiple source IPs. I have something similar behavior when a firewall utilizes FQDNs to allow users out of or into an environment but the client has a different DNS server they query which results in the traffic being blocked. In your case the GTM is seing the source of the DNS request as different IPs which results in persistence not functioning correctly for the end user. You might consider running a tcpdump on the GTM or turning on some logging so you can validate the users DNS query and where it's coming from because they most likely are changing on each DNS query.
