Guest

Cisco ACE GSS 4400 Series Global Site Selector Appliances

Release Note for the Cisco Global Site Selector, Release 1.3(1)

  • Viewing Options

  • PDF (353.8 KB)
  • Feedback
Release Note for the Cisco Global Site Selector, Release 1.3(1)

Table Of Contents

Release Note for the Cisco Global Site Selector, Release 1.3(1)

Contents

Cisco-Supported Hardware and Software Compatibility

Before Upgrading to Version 1.3(1)

Upgrade Steps Required When Using Double Quotes for Object or Description Names

New Features in Software Version 1.3(1)

Operating Considerations for Software Version 1.3(1)

Documentation for GSS Software Version 1.3(1)

Additional Information for Building and Modifying DNS Rules

Additional Information for Configuring DNS Sticky

Software Version 1.3(1) Open Caveats, Resolved Caveats, and Command Changes

Software Version 1.3(1) Open Caveats

Software Version 1.3(1) Resolved Caveats

Software Version 1.3(1) CLI Command Updates

Obtaining Documentation

Cisco.com

Product Documentation DVD

Ordering Documentation

Documentation Feedback

Cisco Product Security Overview

Reporting Security Problems in Cisco Products

Obtaining Technical Assistance

Cisco Technical Support & Documentation Website

Submitting a Service Request

Definitions of Service Request Severity

Obtaining Additional Publications and Information


Release Note for the Cisco Global Site Selector, Release 1.3(1)


January 22, 2007


Note The most current Cisco GSS documentation for released products is available on Cisco.com.


Contents

This release note applies to software version 1.3(1) for the Cisco Global Site Selector (GSS). It contains the following sections:

Cisco-Supported Hardware and Software Compatibility

Before Upgrading to Version 1.3(1)

New Features in Software Version 1.3(1)

Operating Considerations for Software Version 1.3(1)

Documentation for GSS Software Version 1.3(1)

Additional Information for Building and Modifying DNS Rules

Additional Information for Configuring DNS Sticky

Software Version 1.3(1) Open Caveats, Resolved Caveats, and Command Changes

Obtaining Documentation

Obtaining Technical Assistance

Cisco Product Security Overview

Obtaining Additional Publications and Information

Cisco-Supported Hardware and Software Compatibility

GSS software version 1.3(1) installed on a GSS 4491, GSS 4490, or GSS 4480 operates with the following Cisco hardware:

Cisco Content Services Switch (CSS) running the following WebNS software releases:

Cisco CSS Platform
Recommended WebNS Versions
Minimum Supported WebNS Versions

Cisco 11500 Series CSS

Software releases:

7.40.0.04 or greater

7.30.2.03 or greater

Software releases:

7.20.1.04

7.10.3.05

Cisco 11000 Series CSS

Software releases:

6.10.4.05 or greater

5.00.6.05 or greater

Software releases:

6.10.1.07

5.00.3.09


Cisco Catalyst 6500 Content Switching Module (CSM) running the following software releases:

Platform
Recommended CSM Versions 1
Minimum Supported CSM Versions

Cisco Catalyst 6500 Content Switching Module (CSM)

Software releases:

3.1(10) or greater

3.2(1)

4.1(4) or greater

4.2(1) or greater

Software releases:

3.1(4)

3.2(1)

4.1(4)

4.2(1)

1 CSM software versions 3.2(2), 3.2(3) and 4.1(2) are not supported by the GSS when using the KAL-AP by tag keepalive method.


Before Upgrading to Version 1.3(1)

You can upgrade directly to GSS software version 1.3(1) from GSS software versions: 1.2(1.0.3), 1.2(1.1.2), 1.2(2.0.3), 1.2(2.1.3), and 1.2(2.2.0). To upgrade from GSS software version 1.1(x), you must first upgrade to GSS software version 1.2(2.2.0).


Note GSS software version 1.3(1) does not allow the use of double quotes for names and associated description strings. If you have any instances of double quotes (") in object names or associated descriptions (for example, "dns rule 01" or "dns rule 02), then you must remove all double quotes before you upgrade to GSS software version 1.3(1). Follow the steps in "Upgrade Steps Required When Using Double Quotes for Object or Description Names". Also, refer to defect CSCsd52299 as described in "Software Version 1.3(1) Open Caveats" for more information.


Before you upgrade your GSS software, be sure that you:

Perform a full backup of your primary GSSM database as described:

For software version 1.2, refer to Chapter 7, Backing Up and Restoring the GSSM, the "Backing Up the Primary GSSM" section in the Cisco Global Site Selector Administration Guide.

For software version 1.1, refer to Chapter 9, GSS Administration and Troubleshooting, the "Backing Up the GSSM" section in the Cisco Global Site Selector Configuration Guide.

For software version 1.0, refer to Chapter 3, GSS Administration and Troubleshooting, the "Backing Up the GSSM" section in the Cisco Global Site Selector Configuration Guide.

Review the software version 1.3(1) software upgrade sequence as described in the Cisco Global Site Selector Administration Guide, Appendix A, Upgrading the GSS Software.

Upgrade Steps Required When Using Double Quotes for Object or Description Names

GSS software version 1.3(1) does not allow the use of double quotes for names and associated description strings. If you have any instances of double quotes (") in object names or associated descriptions (for example, "dns rule 01" or "dns rule 02), then you must remove all double quotes before you upgrade to GSS software version 1.3(1).

Check for the use of double quotes in object names and descriptions in your GSLB configuration before proceeding.

Perform these steps to remove double quotes:

1. If you are upgrading from version 1.1(x), first upgrade to GSS software version 1.2(2.2.0). If you are upgrading from any 1.2(x) version, go to step 2.

2. Perform a full backup of your primary GSSM database. For details on backing up, refer to Chapter 7, Backing Up and Restoring the GSSM, the "Backing Up the Primary GSSM" section in the Cisco Global Site Selector Administration Guide. Provide a unique name for the backup file. Use this file if you need to downgrade to GSS software version 1.2.

3. In software version 1.2, access the GUI at the primary GSSM. Locate and remove the double quotes from any object names or associated descriptions that include any instance of double quotes.

4. Perform a full backup of your modified primary GSSM database. Provide a unique name for the backup file. You can use this file to restore your 1.2 database in the future.

5. Upgrade to GSS software version 1.3(1) as described in the Cisco Global Site Selector Administration Guide, Appendix A, Upgrading the GSS Software.

New Features in Software Version 1.3(1)

GSS software version 1.3(1) provides the following new features:

Global server load-balancing using the CLI at the primary GSSM—GSS software version 1.3(1) includes CLI commands to configure global server load balancing for your GSS network. When you perform global server load-balancing configuration and monitoring tasks, for most tasks you now have the option to use either the CLI or the GUI on the primary GSSM. For more details, refer to the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide.

Creation and execution of GSLB configuration files using the CLI—New CLI commands allow you to create, modify, and execute (play) GSLB configuration files. GSLB configuration files define all global server load-balancing configuration parameters for a GSS network. For more details, refer to the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide.

Multi-port keepalive capability—The primary GSSM supports the assignment of multiple keepalives and/or destination ports for a single VIP answer. From either the GUI or the CLI, you have the ability to configure a maximum of five different keepalives for a VIP answer, in a mix and match configuration of ICMP, TCP, HTTP HEAD, and KAL-AP VIP keepalive types. For more details, refer to the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide and the Cisco Global Site Selector GUI-Based Global Server Load-Balancing Configuration Guide.

Operating Considerations for Software Version 1.3(1)

The following operating considerations apply to software version 1.3(1):

When you use a TCP keepalive with the fast detection and graceful termination methods to test a Telnet service on a server running Windows Server 2003, port 23 may fluctuate between the Up and Down state (port flapping). If port flapping occurs on TCP port 23 of Windows Server 2003, you will notice an increase in keepalive negative probe and keepalive transition counts on the Answer Keepalive Statistics list page of the primary GSSM GUI. To resolve this issue, increase the retries value for the TCP keepalive. A retry value of three or four should prevent flapping on port 23 when connecting to a server running Windows Server 2003.

Depending on the number of TCP keepalives you require to send from port 23 to servers running Windows Server 2003, specify the retries value as follows:

If the GSS is transmitting numerous TCP keepalives using port 23, globally change the Number of Retries value for all TCP keepalives on the Configure Global KeepAlive Properties details page of the GUI. If you are using the keepalive-properties tcp fast command in the CLI to configure keepalives, change the value of the retries option.

If TCP keepalives are being used for different devices or ports, change the Number of Retries value on a per TCP keepalive basis using the Modifying Answer detail page of the GUI. If you are using the keepalive type tcp command in the CLI to configure keepalives on a per TCP keepalive basis, change the value of the retries option.

Cisco LocalDirector does not reply properly to TCP keepalives sent on port 23 from a GSS device. To resolve this behavior, specify a different keepalive method with LocalDirector or directly probe the servers located behind LocalDirector.

For a GSS to successfully operate and perform DNS resolutions, a name server must be properly configured, running, and reachable by the GSS.

Documentation for GSS Software Version 1.3(1)

The documentation set for GSS software version 1.3(1) now includes the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide. The complete documentation set contains the publications listed below.

Document Title
Description

Release Note for the Cisco Global Site Selector

Information on operating considerations, caveats, and new CLI commands for the GSS software.

Global Site Selector Hardware Installation Guide

Information on installing your GSS device and getting it ready for operation. It describes how to prepare your site for installation, how to install the GSS device in an equipment rack, and how to maintain and troubleshoot the GSS hardware.

Regulatory Compliance and Safety Information for the Cisco Global Site Selector

Regulatory compliance and safety information for the GSS.

Cisco Global Site Selector Getting Started Guide

Information on getting your GSS setup, configured, and ready to perform global server load balancing.

Cisco Global Site Selector Administration Guide

Procedures necessary for setting up, managing, and maintaining your GSSM and GSS devices, including login security, software upgrades, GSSM database administration, and logging.

Cisco Global Site Selector GUI-Based Global Server Load-Balancing Configuration Guide

Procedures for configuring your GSS to perform global server load-balancing, such as configuring source address lists, domain lists, answers, answer groups, DNS sticky, network proximity, and DNS rules using the GUI.

Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide

Procedures for configuring your GSS to perform global server load-balancing, such as configuring source address lists, domain lists, answers, answer groups, DNS sticky, network proximity, DNS rules using the CLI, and creation and execution of GSLB configuration files.

Cisco Global Site Selector Command Reference

An alphabetical list, by mode, of all GSS command-line interface (CLI) commands including syntax, options, and related commands. This document also describes how to use the CLI interface.


Additional Information for Building and Modifying DNS Rules

This information augments the information provided in Chapter 7, Building and Modifying DNS Rules in the Cisco Global Site Selector GUI-Based Global Server Load Balancing Configuration Guide and the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

The balance clauses that you configure in a DNS rule are evaluated in order, with parameters established to determine when a clause should be skipped and the next clause is to be used. A balance clause is skipped when any one of the following conditions exits:

A least-loaded balance method is selected and the load threshold for all online answers is exceeded.

The VIP answers in the specified VIP answer group are offline.

Proximity is enabled for a VIP-type answer group and the DRP agents do not return any RTT values that meet the value set for acceptable-rtt.

All answers in a CRA- or NS-type answer group are offline and keepalives are enabled to monitor the answers.

Additional Information for Configuring DNS Sticky

This information augments the information provided in Chapter 8, Configuring DNS Sticky in the Cisco Global Site Selector GUI-Based Global Server Load Balancing Configuration Guide and the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

You can configure sticky only in a DNS rule that uses a VIP-type answer group.

Sticky is active for a DNS rule only when the following conditions exist:

Sticky is enabled for either global or local use. In the GUI, select Global or Local for the State option in the Global Sticky Configuration details page; in the CLI, enter the enable global or enable local command.

A sticky method option (domain or domain list) is selected. In the GUI, use the DNS Rule Builder and select By Domain or By Domain List for the Select Sticky Method option in the Create New DNS Rule window; in the CLI, enter the sticky method domain or sticky method domain list command.

Sticky is enabled within a balance clause for the DNS rule. In the GUI, use the DNS Rule Builder and click the Sticky Enable checkbox; in the CLI, enter the sticky enable command.

Software Version 1.3(1) Open Caveats, Resolved Caveats, and Command Changes

The following sections contain the open caveats, resolved caveats, and command changes in GSS software version 1.3(1):

Software Version 1.3(1) Open Caveats

Software Version 1.3(1) Resolved Caveats

Software Version 1.3(1) CLI Command Updates

Software Version 1.3(1) Open Caveats

This section lists the open caveats for software version 1.3(1).

CSCef27479—When the GSS operates as a client with a TACACS+ server, it fails to use the TACACS+ server for authentication when you perform a remote SSH login using private and public key pairs. The SSH private and public keys on the GSS perform the user authentication and take priority over a TACACS+ server. If SSH private and public key pair authentication fails, then the TACACS+ server performs user authentication.

Workaround: To use a TACACS+ server for user authentication, use the no ssh keys CLI command to disable the use of SSH key pairs on the GSS. Refer to the Cisco Global Site Selector Getting Started Guide for details on configuring the GSS for remote access over an SSH session that uses private and public key pairs for authentication.

CSCef58474—A GSS CLI session may become unresponsive when you enter the enable command to access privileged EXEC mode from user EXEC mode. This condition may occur when there are seven or more concurrent CLI sessions running on the same GSS.

Workaround: Reduce the number of concurrent sessions running on the same GSS to less than seven by logging out of one or more CLI sessions.

CSCef94037—The NTP service remains enabled in a GSS even if you disable the service before rebooting a GSS. Starting with software version 1.2(1) and continuing through software version 1.3(1), the ntp enable command is used to enable the NTP service on the GSS. The ntp enable command is used with the ntp-server command to synchronize the GSS system clock with an NTP time server. To preserve backwards software compatibility, the line ntp enable is automatically added to any startup-configuration file created by a pre-GSS version 1.2(1) version of software. The re-occurrence of the line ntp enable in the GSS startup-configuration file is caused when you define one or more NTP servers using the ntp-server command. Each time you reboot the GSS, it automatically enables the NTP service if it detects an NTP server in the startup-configuration file.

Workaround to disable NTP service on the GSS:

a. Enter the no ntp enable command to disable the NTP service.

gss1.yourdomain.com# no ntp enable

b. Enter the no ntp-server command to disable all configured NTP servers.

gss1.example.com(config)# no ntp-server 192.168.0.1 92.168.0.2

CSCeg10406—Using the gssm restore command to restore the primary GSSM from the backup file may result in a misconfiguration of the keepalive engine and DNS server on the standby GSSM or GSS devices. This behavior is caused as a result of the newly restored configuration not properly overwriting the previous configuration on the primary GSSM.

The following logs are symptoms of a misconfiguration in either the keepalive engine or DNS server:

 KAL-4-KALSTATSNOGID[916] Could not find KAL-GID [208]
 KAL-4-KALGIDNOTFOUND[20077] kalDeleteVip: No KAL-GID found, removing based on GID 
[88]: success
 CRD-4-ANSWERNOTEXT[912] answer id 214 doesn't exist in selector but in kale

The presence of a core file in the /core-files/keepalive and /core-files/dnsserver is evidence of this problem.

Workaround: Ensure the standby GSSM and all GSS devices have network connectivity with the primary GSSM, then perform the following procedure:

a. Log on to the CLI of the standby GSSM or a GSS.

b. Enable privileged EXEC mode.

gss1.yourdomain.com> enable
gss1.yourdomain.com#

c. Determine if the node.state file is present in the / directory. If it is not present, proceed to step g.

gss1.yourdomain.com# cd /
gss1.yourdomain.com# ls

d. If the node.state file is present in the / directory, enter the gss stop command to stop your GSS server.

gss1.yourdomain.com# gss stop

e. Delete the node.state file.

gss1.yourdomain.com# del node.state 
gss1.yourdomain.com# cd /home

f. Enter the gss start command to force the standby GSSM or GSS to retrieve a new and complete configuration from the primary GSSM.

gss1.yourdomain.com# gss start

g. Repeat this procedure for each GSS device in your network.

CSCeh89311—When configuring a GSS device as a standby GSSM using the gss enable gss-standby command, the standby GSSM may fail to register with the primary GSSM. This behavior is caused if either of the following condition exists:

There is no valid name server IP address configured on the standby GSSM

There is more than one invalid name server IP address configured on the standby GSSM (in addition to a valid name server IP address)

Workaround: Ensure the standby GSSM is configured with a valid name server IP address. Additionally, ensure that there is no more than one invalid name server IP address configured on the standby GSSM.

CSCsb96262—In certain GSS configurations, the primary GSSM exhibits delays in its DNS resolution process. This delay can also be seen in slow GUI responses (30 to 45 seconds) when attempting to switch from one tab to another. This behavior occurs when the primary and standby GSSM reside in the same subdomain as the name server to which they are configured, and the primary GSSM needs to resolve the hostname request for the standby GSSM. Because the name server is not authoritative for the subdomain (the primary and standby GSSMs are), the name server is unable to resolve the hostname request and a looping effect is created.

Workaround 1: Configure your GSS network so that the primary GSSM and the standby GSSM reside in a subdomain that is different from the subdomain in which the answers they resolve for reside. This configuration allows the name server configured for the primary and standby GSSM to answer the primary GSSM's hostname request for the standby GSSM.

Workaround 2: Create a DNS rule at the primary GSSM that enables the primary GSSM to provide an answer to its DNS query for the standby GSSM. The DNS rule must include the following elements:

A domain list that provides the fully qualified domain name for the standby GSSM

An answer that includes the IP address of the standby GSSM and specifies a keepalive type of None

An answer group that includes only the answer created in the previous step

A DNS rule

CSCsc71389—The GSS exhibits an unexpected 2:1 load distribution (where a 1:1 load distribution is expected) under certain DNS rule configurations. The following DNS rule configuration can result in a 2:1 load distribution:

A Hashed method type is selected in the balance clause of the DNS rule

The answer group specified in the balance clause contains only two answers

CSCsc99070—When the GSS performs an SNMPwalk on UCD-SNMP-MIB (OID 1.3.6.1.4.1.1.2021), it jumps from OID 2021.4.x to 2021.10.x. Because these omitted OIDs contain disk partition information, the information is not available using SNMP.

CSCsd08995—TACACS+ authentication fails when attempting an SSH login when the GSS password and the TACACS+ password differ.

Workaround: Ensure that the GSS and TACACS+ server passwords are identical.

CSCsd15405—The GSS does not authenticate TACACS+ users if both of the following conditions exist:

The Group-Level Password Aging checkbox is enabled (in the Advanced Options page of the Interface Configuration section in the Cisco Secure ACS HTML interface)

The password aging period has expired (the password warning period is active)

Workaround 1: Disable the Group-Level Password Aging checkbox.

Workaround 2: If Group-Level Password Aging is required, reset the user password (when prompted) at both the GSS CLI and the TACACS+ server. Ensure that the passwords are identical.

CSCsd31646—The clock timezone command allows you to select standard Universal Time Coordinated (UTC) timezones for your GSS. However, if you need to specify an offset to your standard timezone (for example, daylight savings time arrives early for your region), you must manually set the GSS time.

Workaround: Use the clock set command to manually set a time for each GSS device. For example:

gss1.example.com# clock set 13:01:05 march 26 2006

CSCsd36425—The GSS returns an incorrect administrative status to an SNMP management station for GSS interface eth0 or eth1 when an interface is not configured with an IP address. The incorrect status is returned as "administratively-UP" and as "operationally-DOWN." For example:

interfaces.ifTable.ifEntry.ifAdminStatus.3 - up(1)
interfaces.ifTable.ifEntry.ifOperStatus.3 - down(2)

CSCsd48703—When executing the script play-config command to play a GSLB configuration file and a name server is not properly configured, the GSS CLI becomes unavailable and the Content Router Manager (CRM) may automatically restart. In some cases, the CLI becomes available again after a few minutes; in other cases, you must restart the GSS using the gss stop and gss start command sequence.

An example CRM error message follows:

Feb 25 02:07:47 CRM-3-EXCEPTION[3211] java.lang.InternalError: verify() failed 
java.lang.InternalError: verify() failed at 
com.sightpath.merlot.util.Asserter.internalError(Asserter.java:62) at 
com.sightpath.merlot.util.Asserter.verify(Asserter.java:41) at 
com.sightpath.merlot.servantCLI.CliAdapter.healthyOrDie(CliAdapter.java:178) at 
com.sightpath.merlot.server.AServer.modulesHealthyOrDie(AServer.java:865) at 
com.sightpath.merlot.server.AServer.healthCheck(AServer.java:875) at 
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at 
sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at 
java.lang.reflect.Method.invoke(Unknown Source) at 
sun.rmi.server.UnicastServerRef.dispatch(Unknown Source) at 
sun.rmi.transport.Transport$1.run(Unknown Source) at 
java.security.AccessController.doPrivileged(Native Method) at 
sun.rmi.transport.Transport.serviceCall(Unknown Source) at 
sun.rmi.transport.tcp.TCPTransport.handleMessages(Unknown Source) at 
sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(Unknown Source) at 
java.lang.Thread.run(Unknown Source) Dumping stack for crm at Sat Feb 25 02:07:48 GMT 
2006 Starting crm: Sat Feb 25 02:07:51 UTC 2006 [(4766)] Store is already upgraded. 
controller.storeUpgrade Done. runUpgrade: spjava controller.storeUpgrade --upgrade 

Workaround: Properly configure a name server in the GSS network.

CSCsd50568—When a primary GSSM has been upgraded to GSS software version 1.3(1), but other GSS devices remain at version 1.2(1.1.2) or 1.2(2.0.3), global server load-balancing configuration settings are not propagated to the GSS devices still at version 1.2(1.1.2) or 1.2(2.0.3).

Workaround: Ensure that all GSS devices on the network are upgraded to GSS software version 1.3(1) before you configure global server load balancing.

CSCsd52299—GSS software version 1.3(1) does not allow the use of double quotes for names and associated description strings. If you have any instances of double quotes (") in object names or associated descriptions (for example, "dns rule 01" or "dns rule 02), then you must remove all double quotes before you upgrade to GSS software version 1.3(1).

Workaround: Remove all instances of double quotes in object names and associated descriptions by following the steps in "Upgrade Steps Required When Using Double Quotes for Object or Description Names".

Software Version 1.3(1) Resolved Caveats

This section lists the resolved caveats for software version 1.3(1).

CSCei10099—GSS software versions 1.2(1.1.2) and 1.2(2) fail to exchange configuration and statistic updates with GSS devices running GSS software version 1.2(1.0.3) or an earlier version. When this software version mismatch occurs, a GSS device running an incompatible software version fails to receive configuration updates from the primary GSSM. In addition, the primary GSSM GUI does not update operating status and statistics for the GSS device. Although configuration updates do not occur between the devices, each GSS device continues to answer DNS requests and perform keepalive operations based on its current configuration.

CSCsc18321—The GSS directs all queries to the lower-weighted answer when using the following combination of global server load-balancing parameters:

Two configured answers

Weighted Round Robin balance method

VIP KAL-AP keepalive type

Standard failure detection mode

Software Version 1.3(1) CLI Command Updates

Table 1 lists the new commands in GSS software version 1.3(1). For detailed information on how the new CLI commands are used for global server load balancing, refer to the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide chapters that are specified in Table 1. For detailed descriptions of all CLI commands in the GSS software, refer to the Cisco Global Site Selector Command Reference.

Table 1 CLI Commands Added in Version 1.3(1) 

Command and Prompt
CLI-Based Configuration Guide Chapter

copy gslb-config

Chapter 10, Creating and Displaying GSLB Configuration Files

show gslb-config

Chapter 11, Displaying Global Server Load-Balancing Configuration Information

show gslb-errors

Chapter 11, Displaying Global Server Load-Balancing Configuration Information

show proximity database

Chapter 12, Displaying GSS Global Server Load-Balancing Statistics

(config-gslb) answer cra

Chapter 6, Configuring Answers and Answer Groups

(config-gslb) answer ns

Chapter 6, Configuring Answers and Answer Groups

(config-gslb) answer vip

Chapter 6, Configuring Answers and Answer Groups

(config-gslb-ansvip[ag-ip]) keepalive type http-head

Chapter 6, Configuring Answers and Answer Groups

(config-gslb-ansvip[ag-ip]) keepalive type icmp

Chapter 6, Configuring Answers and Answer Groups

(config-gslb-ansvip[ag-ip]) keepalive type kalap

Chapter 6, Configuring Answers and Answer Groups

(config-gslb-ansvip[ag-ip]) keepalive type tcp

Chapter 6, Configuring Answers and Answer Groups

(config-gslb) answer group

Chapter 6, Configuring Answers and Answer Groups

(config-gslb-agcra[ag-name]) answer-add

Chapter 6, Configuring Answers and Answer Groups

(config-gslb-agns[ag-name]) answer-add

Chapter 6, Configuring Answers and Answer Groups

(config-gslb-agvip[ag-name]) answer-add

Chapter 6, Configuring Answers and Answer Groups

(config-gslb) dns rule

Chapter 7, Building and Modifying DNS Rules

(config-gslb) domain-list

Chapter 4, Configuring Domain Lists

(config-gslb-dl[dl-name]) domain

Chapter 4, Configuring Domain Lists

(config-gslb) keepalive-properties cra

Chapter 5, Configuring Keepalives

(config-gslb) keepalive-properties http-head

Chapter 5, Configuring Keepalives

(config-gslb) keepalive-properties icmp

Chapter 5, Configuring Keepalives

(config-gslb) keepalive-properties kalap

Chapter 5, Configuring Keepalives

(config-gslb) keepalive-properties ns

Chapter 5, Configuring Keepalives

(config-gslb) keepalive-properties tcp

Chapter 5, Configuring Keepalives

(config-gslb) location

Chapter 2, Configuring Resources

(config-gslb) owner

Chapter 2, Configuring Resources

(config-gslb) proximity assign

Chapter 8, Configuring Network Proximity

(config-gslb) proximity group

Chapter 8, Configuring Network Proximity

(config-gslb) proximity-properties

Chapter 8, Configuring Network Proximity

(config-gslb) region

Chapter 2, Configuring Resources

(config-gslb) script play-config

Chapter 10, Creating and Displaying GSLB Configuration Files

(config-gslb) shared-keepalive http-head

Chapter 5, Configuring Keepalives

(config-gslb) shared-keepalive icmp

Chapter 5, Configuring Keepalives

(config-gslb) shared-keepalive kalap

Chapter 5, Configuring Keepalives

(config-gslb) shared-keepalive tcp

Chapter 5, Configuring Keepalives

(config-gslb) source-address-list

Chapter 3, Configuring Source Address Lists

(config-gslb-sal) ip address

Chapter 3, Configuring Source Address Lists

(config-gslb) sticky group

Chapter 8, Configuring DNS Sticky

(config-gslb) sticky-properties

Chapter 8, Configuring DNS Sticky

(config-gslb) zone

Chapter 9, Configuring Network Proximity

(config-gslb-proxprop) acceptable-rtt

Chapter 9, Configuring Network Proximity

(config-gslb-proxprop) acceptable-zone

Chapter 9, Configuring Network Proximity

(config-gslb-proxprop) authentication drp enable

Chapter 9, Configuring Network Proximity

(config-gslb-proxprop) discovery-sequence

Chapter 9, Configuring Network Proximity

(config-gslb-proxprop) enable

Chapter 9, Configuring Network Proximity

(config-gslb-proxprop) equivalence

Chapter 9, Configuring Network Proximity

(config-gslb-proxprop) key drp

Chapter 9, Configuring Network Proximity

(config-gslb-proxprop) mask

Chapter 9, Configuring Network Proximity

(config-gslb-proxprop) refresh-interval

Chapter 9, Configuring Network Proximity

(config-gslb-proxprop) timeout

Chapter 9, Configuring Network Proximity

(config-gslb-proxprop) wait enable

Chapter 9, Configuring Network Proximity

(config-gslb-rule[rule-name]) clause cra-group

Chapter 7, Building and Modifying DNS Rules

(config-gslb-rule[rule-name]) clause ns-group

Chapter 7, Building and Modifying DNS Rules

(config-gslb-rule[rule-name]) clause vip-group

Chapter 7, Building and Modifying DNS Rules

(config-gslb-rule[rule-name]) sticky method

Chapter 8, Configuring DNS Sticky

(config-gslb-rule[rule-name]) sticky timeout

Chapter 8, Configuring DNS Sticky

(config-gslb-stkyprop) enable

Chapter 8, Configuring DNS Sticky

(config-gslb-stkyprop) encryption

Chapter 8, Configuring DNS Sticky

(config-gslb-stkyprop) favored-peer

Chapter 8, Configuring DNS Sticky

(config-gslb-stkyprop) mask

Chapter 8, Configuring DNS Sticky

(config-gslb-stkyprop) timeout

Chapter 8, Configuring DNS Sticky


Obtaining Documentation

Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.

Cisco.com

You can access the most current Cisco documentation at this URL:

http://www.cisco.com/techsupport

You can access the Cisco website at this URL:

http://www.cisco.com

You can access international Cisco websites at this URL:

http://www.cisco.com/public/countries_languages.shtml

Product Documentation DVD

The Product Documentation DVD is a comprehensive library of technical product documentation on a portable medium. The DVD enables you to access multiple versions of installation, configuration, and command guides for Cisco hardware and software products. With the DVD, you have access to the same HTML documentation that is found on the Cisco website without being connected to the Internet. Certain products also have .PDF versions of the documentation available.

The Product Documentation DVD is available as a single unit or as a subscription. Registered Cisco.com users (Cisco direct customers) can order a Product Documentation DVD (product number DOC-DOCDVD= or DOC-DOCDVD=SUB) from Cisco Marketplace at this URL:

http://www.cisco.com/go/marketplace/

Ordering Documentation

Registered Cisco.com users may order Cisco documentation at the Product Documentation Store in the Cisco Marketplace at this URL:

http://www.cisco.com/go/marketplace/

Nonregistered Cisco.com users can order technical documentation from 8:00 a.m. to 5:00 p.m. (0800 to 1700) PDT by calling 1 866 463-3487 in the United States and Canada, or elsewhere by calling 011 408 519-5055. You can also order documentation by e-mail at tech-doc-store-mkpl@external.cisco.com or by fax at 1 408 519-5001 in the United States and Canada, or elsewhere at 011 408 519-5001.

Documentation Feedback

You can rate and provide feedback about Cisco technical documents by completing the online feedback form that appears with the technical documents on Cisco.com.

You can submit comments about Cisco documentation by using the response card (if present) behind the front cover of your document or by writing to the following address:

Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Cisco Product Security Overview

Cisco provides a free online Security Vulnerability Policy portal at this URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

From this site, you will find information about how to:

Report security vulnerabilities in Cisco products.

Obtain assistance with security incidents that involve Cisco products.

Register to receive security information from Cisco.

A current list of security advisories, security notices, and security responses for Cisco products is available at this URL:

http://www.cisco.com/go/psirt

To see security advisories, security notices, and security responses as they are updated in real time, you can subscribe to the Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed. Information about how to subscribe to the PSIRT RSS feed is found at this URL:

http://www.cisco.com/en/US/products/products_psirt_rss_feed.html

Reporting Security Problems in Cisco Products

Cisco is committed to delivering secure products. We test our products internally before we release them, and we strive to correct all vulnerabilities quickly. If you think that you have identified a vulnerability in a Cisco product, contact PSIRT:

For Emergencies only — security-alert@cisco.com

An emergency is either a condition in which a system is under active attack or a condition for which a severe and urgent security vulnerability should be reported. All other conditions are considered nonemergencies.

For Nonemergencies — psirt@cisco.com

In an emergency, you can also reach PSIRT by telephone:

1 877 228-7302

1 408 525-6532


Tip We encourage you to use Pretty Good Privacy (PGP) or a compatible product (for example, GnuPG) to encrypt any sensitive information that you send to Cisco. PSIRT can work with information that has been encrypted with PGP versions 2.x through 9.x.

Never use a revoked or an expired encryption key. The correct public key to use in your correspondence with PSIRT is the one linked in the Contact Summary section of the Security Vulnerability Policy page at this URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

The link on this page has the current PGP key ID in use.

If you do not have or use PGP, contact PSIRT at the aforementioned e-mail addresses or phone numbers before sending any sensitive material to find other means of encrypting the data.


Obtaining Technical Assistance

Cisco Technical Support provides 24-hour-a-day award-winning technical assistance. The Cisco Technical Support & Documentation website on Cisco.com features extensive online support resources. In addition, if you have a valid Cisco service contract, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not have a valid Cisco service contract, contact your reseller.

Cisco Technical Support & Documentation Website

The Cisco Technical Support & Documentation website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The website is available 24 hours a day, at this URL:

http://www.cisco.com/techsupport

Access to all tools on the Cisco Technical Support & Documentation website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL:

http://tools.cisco.com/RPF/register/register.do


Note Use the Cisco Product Identification (CPI) tool to locate your product serial number before submitting a web or phone request for service. You can access the CPI tool from the Cisco Technical Support & Documentation website by clicking the Tools & Resources link under Documentation & Tools. Choose Cisco Product Identification Tool from the Alphabetical Index drop-down list, or click the Cisco Product Identification Tool link under Alerts & RMAs. The CPI tool offers three search options: by product ID or model name; by tree view; or for certain products, by copying and pasting show command output. Search results show an illustration of your product with the serial number label location highlighted. Locate the serial number label on your product and record the information before placing a service call.


Submitting a Service Request

Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3 and S4 service requests are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Service Request Tool provides recommended solutions. If your issue is not resolved using the recommended resources, your service request is assigned to a Cisco engineer. The TAC Service Request Tool is located at this URL:

http://www.cisco.com/techsupport/servicerequest

For S1 or S2 service requests, or if you do not have Internet access, contact the Cisco TAC by telephone. (S1 or S2 service requests are those in which your production network is down or severely degraded.) Cisco engineers are assigned immediately to S1 and S2 service requests to help keep your business operations running smoothly.

To open a service request by telephone, use one of the following numbers:

Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447

For a complete list of Cisco TAC contacts, go to this URL:

http://www.cisco.com/techsupport/contacts

Definitions of Service Request Severity

To ensure that all service requests are reported in a standard format, Cisco has established severity definitions.

Severity 1 (S1)—An existing network is down, or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.

Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your business operations are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.

Severity 3 (S3)—Operational performance of the network is impaired, while most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.

Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.

Obtaining Additional Publications and Information

Information about Cisco products, technologies, and network solutions is available from various online and printed sources.

The Cisco Product Quick Reference Guide is a handy, compact reference tool that includes brief product overviews, key features, sample part numbers, and abbreviated technical specifications for many Cisco products that are sold through channel partners. It is updated twice a year and includes the latest Cisco offerings. To order and find out more about the Cisco Product Quick Reference Guide, go to this URL:

http://www.cisco.com/go/guide

Cisco Marketplace provides a variety of Cisco books, reference guides, documentation, and logo merchandise. Visit Cisco Marketplace, the company store, at this URL:

http://www.cisco.com/go/marketplace/

Cisco Press publishes a wide range of general networking, training and certification titles. Both new and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press at this URL:

http://www.ciscopress.com

Packet magazine is the Cisco Systems technical user magazine for maximizing Internet and networking investments. Each quarter, Packet delivers coverage of the latest industry trends, technology breakthroughs, and Cisco products and solutions, as well as network deployment and troubleshooting tips, configuration examples, customer case studies, certification and training information, and links to scores of in-depth online resources. You can access Packet magazine at this URL:

http://www.cisco.com/packet

iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies learn how they can use technology to increase revenue, streamline their business, and expand services. The publication identifies the challenges facing these companies and the technologies to help solve them, using real-world case studies and business strategies to help readers make sound technology investment decisions. You can access iQ Magazine at this URL:

http://www.cisco.com/go/iqmagazine

or view the digital edition at this URL:

http://ciscoiq.texterity.com/ciscoiq/sample/

Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:

http://www.cisco.com/ipj

Networking products offered by Cisco Systems, as well as customer support services, can be obtained at this URL:

http://www.cisco.com/en/US/products/index.html

Networking Professionals Connection is an interactive website for networking professionals to share questions, suggestions, and information about networking products and technologies with Cisco experts and other networking professionals. Join a discussion at this URL:

http://www.cisco.com/discuss/networking

World-class networking training is available from Cisco. You can view current offerings at this URL:

http://www.cisco.com/en/US/learning/index.html