Guest

Cisco Services Modules

DNS Probes on the Content Switching Module Configuration Example

Document ID: 60045

Updated: Sep 07, 2004

   Print

Introduction

This document provides a sample configuration of DNS probes on the Content Switching Module (CSM). DNS probes are used to query DNS servers for specific domain names. DNS probes check the response against a preconfigured value to determine whether or not the CSM should continue to use the server.

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

The information in this document is based on the CSM version 3.x or higher .

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

For more information on document conventions, refer to the Cisco Technical Tips Conventions.

Configure

In this section, you are presented with the information to configure the features described in this document.

Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only) .

Configurations

Content Switching Module
module ContentSwitchingModule 4 
!
 vlan 499 client
  ip address 192.168.10.97 255.255.254.0
  gateway 192.168.10.1
!
 probe DNSTEST dns
  name www.yahoo.com


!--- The probe is configured for the CSM to request the IP address 
!--- associated with the domain name www.yahoo.com.

  address 216.109.117.107 


!--- The expected response is configured as 216.109.117.107.
!--- Multiple addresses can be entered. If the response matches any 
!--- one of the configured address, the server is considered alive.

  port 53 


!--- Configuration of the DNS port is recommended, even if the default port 
!--- of 53 is being used.

!
 probe DNSTEST2 dns
  name www.yahoo.com
  address 216.109.117.107 


!--- To demonstrate the importance of the port command, the same probe 
!--- as above is used without the port.

!
serverfarm DNS1
  nat server
  no nat client
  real 144.254.10.123
   inservice
  probe DNSTEST
!
 serverfarm DNS2
  nat server
  no nat client
  real 144.254.10.123
   inservice
  probe DNSTEST2


!--- This probe has a problem because the CSM cannot determine which port to use.

!
 serverfarm DNS3
  nat server
  no nat client
  real 144.254.10.123 53
   inservice
  probe DNSTEST2


!--- This is the same serverfarm as above, but now the CSM can determine which port 
!--- to use, as specified in the real server definition.

!
vserver DNS1
  virtual 192.168.1.1 tcp 53
  serverfarm DNS1
  persistent rebalance
  inservice
!         
 vserver DNS2
  virtual 192.168.1.2 any
  serverfarm DNS2
  persistent rebalance
  inservice
!
 vserver DNS3
  virtual 192.168.1.3 any
  serverfarm DNS3
  persistent rebalance
  inservice
!

Verify

This section provides information you can use to confirm your configuration is working properly.

  • show module csm slot probe name NAME detail

  • show module csm slot real

    This demonstrates that the probe is functioning properly.

    cpu0#sho mod csm 4 probe name dnstest det     
    probe           type    port  interval retries failed  open   receive
    ---------------------------------------------------------------------
    DNSTEST         dns     53    120      3       300            10     
     DNS Info: www.yahoo.com
     DNS Expected IP address:
      216.109.117.107
     real                  vserver         serverfarm      policy          status
     ------------------------------------------------------------------------------
     144.254.10.123:53     DNS1            DNS1            (default)       TESTING
    

As noted in the configuration, it is recommended that the DNS port be configured, even if the default port of 53 is used. This is due to the fact that the CSM does not use a default destination port for the DNS probes. If the CSM cannot determine the port, the probe is not enabled.

This command output is an example of what is displayed when the CSM fails to determine the destination port for the probe. Packets are not being sent. In this state, the CSM does not mark the service down, but instead stays operational; the problem might go undetected.

cpu0#sho mod csm 4 probe name dnstest2 det
probe           type    port  interval retries failed  open   receive
---------------------------------------------------------------------
DNSTEST2        dns           120      3       300            10     
 DNS Info: www.yahoo.com
 DNS Expected IP address:
  216.109.117.107
 real                  vserver         serverfarm      policy          status
 ------------------------------------------------------------------------------
 144.254.10.123:53     DNS3            DNS3            (default)       FAILED
 144.254.10.123:0      DNS2            DNS2            (default)       ???

Also, notice that the probe DNSTEST2, when associated with serverfarm DNS2, has a status of ???. This is because the CSM failed to determine the destination port to use for sending the probes. In serverfarm DNS3, the real server port is specified; there were no problems running the probes.

cpu0#sho mod csm 4 real

real                  server farm      weight  state          conns/hits
-------------------------------------------------------------------------       
144.254.10.123        DNS1             8       PROBE_FAILED   0        
144.254.10.123        DNS2             8       OPERATIONAL    0        
144.254.10.123:53     DNS3             8       PROBE_FAILED   0 

When the probe fails to run (indicated by a status of ???), the real server remains operational.

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

Related Information

Updated: Sep 07, 2004
Document ID: 60045