To make high-performance, responsive apps available on the Internet, you need a cloud DNS that is both scalable and operates at a global level, so that users are connected to the nearest point of presence. The F5 Distributed Cloud DNS Load Balancer brings together the best features of GSLB DNS to enable the delivery of hybrid and multi-cloud applications with compute positioned right at the edge, closest to users.
With Global Server Load Balancing (GSLB) features available in a cloud-based SaaS format, the Distributed Cloud DNS Load Balancer has a number of distinct advantages:
Speed and simplicity: Integrate with DevOps pipelines, with an automation focus and a rich and intuitive user interface
Flexibility and scale: Global auto-scale keeps up with demand as the number of apps increases and traffic patterns change
Security: Built-in DDoS protection, automatic failover, and DNSSEC features help ensure your apps are effectively protected.
Disaster recovery: With automatic detection of site failures, apps dynamically fail over to individual recovery-designated locations without intervention.
Adding user-location proximity policies to DNS load balancing rules allows users to be steered to specific instances of an app. This not only improves the overall experience but also guarantees and safeguards data, effectively siloing user data and keeping it region-specific. In the case of disaster recovery, catch-all rules can be created to send users to alternate destinations where data restrictions don’t apply.
This solution uses a cloud-based Distributed Cloud DNS to load balance traffic to VIPs that connect to region-specific pools of servers. When data privacy isn’t a requirement, catch-all rules can further distribute traffic should a preferred pool of origin servers become unhealthy or unreachable.
The configuration for this solution assumes the following:
The app is in multiple regions
Users are from different regions
Distributed Cloud hosts/manages/is delegated the DNS domain or subdomain
(optional) Failover to another region is allowed
Steps To Configure
With Distributed Cloud serving as primary DNS for the domain, navigate to DNS Management > domain > Manage Configuration > Edit Configuration > DNS Zone Configuration: Primary DNS Configuration > Edit Configuration. Select “Add Item”, with Record Set type “DNS Load Balancer”.
Enter the Record Name and then select Add Item to create a new load balancer record.
This opens the submenu to create DNS Load Balancer rules. Name the rule “app-dns-rule” then go to Load Balancing Rules > Configure.
Select “Add Item” then under the Load Balancing Rule, within the default Geo Location Selection, expand the “Selector Expression” and select “geoip.ves.io/continent”.
Select Operator “In” and then the value “EU”. Click Apply. Under the Action “Use DNS Load Balancer pool”, click “Add Item”.
Name the pool “eu-pool”, and under Pool Type (A) > Pool Members, click “Add Item”.
Enter a “Public IP”, then click “Apply”. Repeat this process to have a second IP Endpoint in the pool.
Scroll down to Load Balancing Method and select “Static-Persist”.
Now click Continue, and then Apply to the Load Balancing Rule, and then “Add Item” to add a second rule.
In the new rule, choose Geo Location Selection value “Geo Location Set selector”, and use the default “system/global-users”.
Click “Add Item”.
Name this new pool “global-pool”, then select “Add Item” and add the following pool member: 126.96.36.199. Change the Load Balancing Mode to “Static-Persist”, then click Continue.
Click “Apply”, “Apply”, and “Continue”. Now click the final “Apply” to your DNS Zone’s Resource Record Set.
Now click “Apply” to your DNS Zone configuration.
Click “Save and Exit” to finalize everything and complete the configuration!
To view the status of the services that were just created, navigate to DNS Management > Overview > DNS Load Balancers > app-dns-rule.
Clicking on the rule “eu-pool”, you can find the status for each individual IP endpoint, showing the overall health of each pool’s service that has been configured.
With the DNS Load Balancing rule configured to connect two separate regions, when one of the primary sites in the eu-pool goes down, users will instead be directed to the global-pool. This provides reliability in the context of site failover that spans regions. If data privacy is also a requirement, additional rules can be configured to support more sites in the same region.
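The failover behavior described above, and the data-residency gap the catch-all rule opens, can be modeled offline before the zone goes live. This is an added example, not F5 code or part of the original walkthrough. It assumes rules are evaluated in order with fall-through when a pool has no healthy member, treats “system/global-users” as a catch-all, and uses constructed IP addresses and a constructed “US” region for the global-pool.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Pool:
    name: str
    region: str    # constructed label for where the pool's servers sit
    members: dict  # pool member IP -> health-check result (True = healthy)

    def healthy(self):
        return [ip for ip, up in self.members.items() if up]

@dataclass
class Rule:
    continents: Optional[set]  # None = catch-all, standing in for system/global-users
    pool: Pool

    def matches(self, continent):
        return self.continents is None or continent in self.continents

def resolve(rules, continent):
    """Return (pool name, healthy IPs) from the first matching rule with a healthy pool."""
    for rule in rules:
        if rule.matches(continent) and rule.pool.healthy():
            return rule.pool.name, rule.pool.healthy()
    return None, []

def residency_gaps(rules, pinned):
    """List (continent, pool) pairs where failover can leave the required region.

    pinned maps a client continent to the region its data must stay in.
    """
    return [(c, r.pool.name) for c, region in pinned.items()
            for r in rules if r.matches(c) and r.pool.region != region]

def build_rules(eu_up=True):
    # Constructed addresses from documentation ranges, not the article's endpoints.
    eu = Pool("eu-pool", "EU", {"192.0.2.10": eu_up, "192.0.2.11": eu_up})
    glob = Pool("global-pool", "US", {"198.51.100.20": True})
    return [Rule({"EU"}, eu), Rule(None, glob)]

if __name__ == "__main__":
    print(resolve(build_rules(), "EU"))                 # normal operation
    print(resolve(build_rules(eu_up=False), "EU"))      # eu-pool outage
    print(residency_gaps(build_rules(), {"EU": "EU"}))  # audit the rule set
```

An empty result from residency_gaps means no rule path takes pinned users out of their region; with the two rules from this walkthrough, the catch-all is reported for EU users.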
Using the Distributed Cloud DNS Load Balancer enables better performance of your apps while also providing greater uptime. With scaling and security automatically built into the service, responding to large volumes of queries without manual intervention is seamless. Layers of security deliver protection and automatic failover. Built-in DDoS protection, DNSSEC, and more make the Distributed Cloud DNS Load Balancer an ideal do-it-all GSLB distributor for multi-cloud and hybrid apps.
To see how everything is running, review the DNS Load Balancing dashboard where you’ll find details about each of the apps, including the ability to drill down for greater detail.
If you’re interested in seeing a walkthrough video where I configure all of the above, check out the accompanying video.