Brocade Communications Systems 12.4.00 Manual De Usuario
ServerIron ADX Global Server Load Balancing Guide
101
53-1002437-01
Transparent DNS query intercept
1
NOTE
For non-direct respond transparent intercept, you should not enable dns transparent-intercept in the
gslb policy.
gslb policy.
Notice that unlike the types of transparent DNS query intercept shown in
page 97, the type shown here does not require configuration of a real server. Since the ServerIron
ADX in this case is responding directly to the query instead of redirecting the query to another
device, only the virtual server for intercepting the queries is required. Moreover, since the
ServerIron ADX is not redirecting the queries, you do not need to configure a source IP address and
enable source NAT.
ADX in this case is responding directly to the query instead of redirecting the query to another
device, only the virtual server for intercepting the queries is required. Moreover, since the
ServerIron ADX is not redirecting the queries, you do not need to configure a source IP address and
enable source NAT.
Syntax: host-info <host-name> ip-list { <ipv4-address> | <ipv6-address> }
This command specifies the IPv4 or IPv6 addresses you want the ServerIron ADX to use in its
replies to the intercepted DNS queries. You can specify as many addresses as you need. Separate
each address with a space.
replies to the intercepted DNS queries. You can specify as many addresses as you need. Separate
each address with a space.
The ServerIron ADX applies the GSLB policy to the addresses and sends only the best address in
the response to a client query. If the GSLB policy does not result in a best address to send to the
client, the ServerIron ADX forwards the request to the authoritative DNS server. In either case, the
source IP address in the response is the DNS server IP address, so the client always receives a
response that appears to be from the DNS server.
the response to a client query. If the GSLB policy does not result in a best address to send to the
client, the ServerIron ADX forwards the request to the authoritative DNS server. In either case, the
source IP address in the response is the DNS server IP address, so the client always receives a
response that appears to be from the DNS server.
Syntax: dns transparent-intercept
This command enables the DNS transparent intercept feature. You need to use this command only
when you are configuring the type of transparent DNS query intercept that responds directly to the
client. If you are configuring the type of transparent DNS query intercept that redirects the query to
an alternative DNS server or to another ServerIron ADX, do not use this command.
when you are configuring the type of transparent DNS query intercept that responds directly to the
client. If you are configuring the type of transparent DNS query intercept that redirects the query to
an alternative DNS server or to another ServerIron ADX, do not use this command.
Displaying transparent DNS query intercept statistics
To display transparent DNS query intercept statistics, enter the following command at any level of
the CLI.
the CLI.
ServerIronADX(config)# show gslb global-stat
DNS cache proxy stat:
Direct response = 0
DNS query intercept stat:
Redirect = 0 Direct response = 0
Unsupported query types stat:
Error handling cnt = 0
Syntax: show gslb global-stat
The transparent DNS query intercept statistics are displayed in the DNS query intercept stat
section.
section.