Global Server Load Balancing

(GSLB) Concepts
Section 7

©A10 Networks, Inc.

Section Objectives
GSLB Overview
GSLB Configuration Options
GSLB Components
Server Mode Configuration

©A10 Networks, Inc. 2

 Global Server Load Balancing (GSLB)
Key ACOS GSLB benefits
Provides data center failover and
continuity
Optimizes multi-site deployments
Ensures users' Web experience is
the fastest

Flexible DNS Options

Proxy client queries for continued use of existing DNS infrastructure without changing existing
DNS server configuration, or host a fully authoritative ACOS solution

©A10 Networks, Inc. 3

AX DNS-based GSLB Overview
DNS-based GSLB uses Domain Name Service (DNS) technology to extend load balancing
to a global scale
Provides dynamic and flexible policies for selecting fairness and distribution to multiple
sites
Operates in two main modes
Proxy mode
The ACOS device acts as a proxy for an external DNS server. In proxy mode, the ACOS device can update the
A and AAAA records in its response to client requests, but it forwards requests for all other record types to
the external DNS server.
Server mode
The ACOS device directly responds to queries for specific service IP addresses in the GSLB zone. In server
mode, the ACOS device can reply with A, AAAA, MX, NS, PTR, SRV and SOA records. For all other records, the
ACOS device will attempt proxy mode unless configured as fully authoritative.

©A10 Networks, Inc. 4

ACOS GSLB Server Mode (Authoritative)
Advantages
Can be implemented without impacting current DNS traffic
Does not require change in DNS server IP address
Customer can be using external DNS service

Disadvantages
Requires changes to DNS server configuration
Add Sub-domain to existing DNS for ACOS
Add ACOS “proxy ip” as NS records
Add ACOS “proxy ip” as A records
CNAME existing records to sub-domain
Requires second DNS request by client

©A10 Networks, Inc. 5

ACOS GSLB Proxy Mode
Advantages
Does not require changes to current DNS server configuration
Single client request for domain resolution services
Can be implemented with DNS firewall, and provide SLB services to DNS servers

Disadvantages
Requires changes to DNS server IP address, or change in registered NS server IP address
Can not be implemented without downtime
Customer has to own and run their own DNS servers

©A10 Networks, Inc. 6

GSLB Components
Controller
Receives client DNS requests, maintains
GSLB configuration and health status among
site devices. Can have multiple controllers
for redundancy
Policy
Configurable parameters evaluated against a
client request to select the best site to send
the request to
Zones
A DNS domain for GSLB. A device can be
configured with one or more GSLB zones.
Each zone can contain one or more GSLB
sites. “xyz.com” is a domain.
©A10 Networks, Inc.
Sites
A server farm locally managed by an ACOS
device that performs ADC services for the
site
Services
An application such as HTTP or FTP. Each
zone can be configured with one or more
services. “www.xyz.com” is a service where
“www” is the http service or an application
in the “xyz.com” zone
Service IP
The virtual servers defined under service-ip
are used for GSLB
7
GSLB Server Mode Configuration
Configuration steps
Configure SLB (if not already configured)
Create DNS Server VIP
Configure Service IPs for VIPs
Create (or modify existing Default) GSLB Policy
Create Sites, add SLB Devices and VIPs for the Site
Create Zone and configure service
Enable the GSLB protocol for site device function (Controller or Device)

Note – To configure Proxy mode, follow standard SLB procedures (Servers, Service
Groups, VIP, etc.) that utilize “external” DNS servers and enable it for GSLB when
configuring the virtual port
Note 2 – GSLB Policies will be covered in another module

©A10 Networks, Inc. 8

Configuring the DNS VIP
For Server Mode configurations
Create the Virtual Server
slb virtual-server dns1 100.0.0.53
Add the UDP port (usually 53)
port 53 dns-udp
Enable GSLB on the port
gslb-enable

To configure Proxy Mode, create Servers for the actual (external) DNS servers, place
them in a Service Group and apply to the Virtual Port

©A10 Networks, Inc. 9

Configuring Service IPs
The Service IPs are the addresses of Virtual Servers that will be part of the GSLB solution
in a given zone
Add the name and ip, then the port hosting the service
gslb service-ip vip3 100.0.0.66
port 80 tcp

The Service IP can also have health checks assigned and, if needed, an External IP
allowing a service IP that has an internal IP address to be reached from outside the
internal network

©A10 Networks, Inc. 10

GSLB Site configuration
Sites represent the server farm that is locally managed by the device that performing
server load balancing for the site
Create the site, define the IP of the ACOS device for the site, then add the VIP servers
configured earlier
gslb site newyork
slb-dev A3 60.0.0.1
vip-server vip2

©A10 Networks, Inc. 11

Configuring GSLB Zones and Services P 1
A zone is a DNS domain used by GSLB and acts as the start of authority for the name
space and, when combined with the service name, creates the FQDN for client DNS
queries
A service is an application such as HTTP or FTP and can be the well-known name of the
application or by port number
gslb zone a10class.com
service http www

In the above example, the zone name is “a10class.com”, the service is HTTP with the
name “www.” Clients would then query www.a10class.com when connecting to the VIP

©A10 Networks, Inc. 12

Configuring GSLB Zones and Services P 2
The dns-a-record command is used to create the A records for the zone, binding the
service/zone name to the service IPs (VIPs) within the zone
gslb zone a10training.com
service http www
dns-a-record vip2 static
dns-a-record vip1 static

At the Service level of the configuration, additional dns records such as C-NAME, mx,
and NS can be created

©A10 Networks, Inc. 13

The GSLB Protocol
Uses TCP port 4149
AX devices use the GSLB protocol for GSLB management traffic (between GSLB controller and
sites)

The GSLB controller collects following information from the site AX load balancers
Virtual IP addresses & active servers
aRDT (active-Round Delay Time)
Site session capacity statistics
Connection load
Number of active sessions

Update interval default is 30 seconds (ranges from 1 to 300 seconds)

VIP information is sent asynchronously

©A10 Networks, Inc. 14

Enabling the GSLB Protocol
AX devices use the GSLB protocol for GSLB management traffic. The protocol must be
enabled on the GSLB controller
gslb protocol enable controller

For redundancy, multiple controllers can be enabled and placed in a controller group
which can automatically synchronize GSLB configurations and service IP status among
multiple GSLB controllers for a GSLB zone
Enabling the protocol on devices in other sites in the GSLB configuration is optional, but
is required for in order to take advantage of certain policy options and default health
checks. A10 recommends enabling the GSLB protocol on all devices
gslb protocol enable device

Note - For more information on Controller Groups see the GSLB configuration guide

©A10 Networks, Inc. 15

GSLB Configuration Best Practices
For redundancy, use Controller Groups with Controllers configured in multiple sites
Use Controllers for both GSLB and SLB
Server Mode (authoritative) configurations can also include the customers existing DNS
servers in a service group under the DNS VIP.
These servers hold records or name space for which the Controller is not authoritative
Non-authoritative queries are automatically forwarded to those servers
Enable the GSLB protocol on all devices

©A10 Networks, Inc. 16