Cisco GSS CLI-Based Global Server Load-Balancing Configuration Guide (Software Version 4.1.2)
Configuring and Monitoring the GeoDB
Downloads: This chapterpdf (PDF - 179.0KB) The complete bookPDF (PDF - 9.19MB) | Feedback

Configuring and Monitoring the GeoDB

Table Of Contents

Configuring and Monitoring the GeoDB

Logging in to the CLI and Enabling Privileged EXEC Mode

Managing GeoDB Operations

Importing GeoDB

Loading GeoDB

Downloading and Installing GeoDB

Monitoring the GeoDB Download Status

Dumping GeoDB

Running a Periodic Backup of GeoDB

IP-Address Lookup Inside GeoDB

Setting Up the GeoDB Configuration

Configuring the Global GeoDB Properties

Configuring the Default Continent Regions

Configuring Geo-Location-Based Proximity

Managing GeoDB Static Entries

Adding a Static Entry

Displaying Static Entries

Monitoring GeoDB Statistics

Monitoring Database Statistics

Monitoring Lookup Statistics

Monitoring Rule Hit Statistics

Where to Go Next


Configuring and Monitoring the GeoDB


This chapter describes how to implement the GeoIP database (GeoDB) proximity computation mechanism in GSS. From the latitudinal and longitudinal information in the GeoDB, GSS decides the proximity, based on the geographical distance from the client D-proxy to the zone instead of the round-trip time (RTT) value. Once you determine the latitude and longitude of the client's D-proxy and a resource in the data center, the GSS can calculate the distance from the client's D-proxy to the zone. During the proximity calculation, the GSS uses these distances instead of RTT values to determine the IP address of the resource nearest to the D-proxy.

The process of updating the GeoDB does not impact GSS operations. All user-defined database entries are preserved during a database upgrade.

To enable the GeoDB feature, a valid license should be installed and the GeoIP database should be imported into GSS. If you want to enable the GeoDB license package on a particular GSS, you must purchase a GeoDB license from Cisco in order to receive a Product Authorization Key (PAK) number. For more information on obtaining and installing a GeoDB license, see the Global Site Selector Administration Guide. After importing, if static entries are present, the distance gets computed based on the latitude and longitude mentioned for the static entries.


Note Before you add or modify the regions or states, you must import the GeoDB file. There are two versions of the GeoDB file (v001 and v002). You can verify the version number by checking the file name. To import the GeoDB file, you must use the following command:
geodb database import tar-file-name cisco_geodb_2011-07-12_v002.tar.gz md5sum-file-name cisco_geodb_2011-07-12_v002.tar.gz.md5.

To configure the default continent regions, you must import the latest version (v002) of the GeoDB file. For using Geodb and Region-SAL feature, you can download and install either of the two versions of geodb database

Download the GeoDB file from the following URL: http://geolite.maxmind.com/download/sec/. The download link is password protected. For the user name and password, refer to the e-delivery letter of your GeoIP database license. For further assistance, contact your Cisco account representative or send an e-mail message to ask-gss@cisco.com.



Note The state names and country codes are getting stored in the gslb configuration of the GSS. When you do gss disable, the country name and state codes that are needed to create regions are stored as a gslb configuration is removed. To populate you must re-import the GeoDB file. It is recommended that you import the GeoDB file again for the proper functionality. The show geodb output command displays the status of the GeoDB tables that are available in the cache memory, while the codes reside in the gslb configuration.


This chapter contains the following major sections:

Logging in to the CLI and Enabling Privileged EXEC Mode

Managing GeoDB Operations

Setting Up the GeoDB Configuration

Configuring Geo-Location-Based Proximity

Managing GeoDB Static Entries

Monitoring GeoDB Statistics

Where to Go Next

Logging in to the CLI and Enabling Privileged EXEC Mode


Note To log in and enable privileged EXEC mode in the GSS, you must be a configured user with administrator privileges. See the Cisco Global Site Selector Administration Guide for information on creating and managing user accounts.


To log in to the primary GSSM and enable privileged EXEC mode at the CLI, perform the following steps:

1. If you are remotely logging in to the primary GSSM through Telnet or secure shell (SSH), enter the hostname or IP address of the GSSM to access the CLI. You can enter only an IPv4 IP address.

If you are using a direct serial connection between your terminal and the GSSM, use a terminal emulation program to access the CLI. For details about making a direct connection to the GSS device using a dedicated terminal and about establishing a remote connection using SSH or Telnet, see the Cisco Global Site Selector Getting Started Guide.

2. Specify your GSS administrative username and password to log in to the GSSM. The CLI prompt as follows:

gssm1.example.com> 
 
   

3. At the CLI prompt, enable privileged EXEC mode as follows:

gssm1.example.com> enable
gssm1.example.com# 
 
   

If you are accessing the GSS remotely using Telnet or SSH, the CLI prompts you for the enable password. The default password is default. For more information about the enable password and configuring a new password, see the Cisco Global Site Selector Getting Started Guide.

The prompt changes from the user-level EXEC right angle bracket (>) prompt to the privileged-level EXEC pound sign (#).

Managing GeoDB Operations

This section shows how to manage the GeoDB operations and contains the following topics:

Importing GeoDB

Loading GeoDB

Downloading and Installing GeoDB

Dumping GeoDB

Running a Periodic Backup of GeoDB

IP-Address Lookup Inside GeoDB

Importing GeoDB

You can import the GeoIP database in CSV format from the vendor to the GSS internal PDB-based GEO format by using the geodb database import command.


Note To enable the GeoDB feature, both the following conditions have to be met: A valid license must be installed and GeoIP database must be imported into GSS. For a detailed description of acquiring, installing, or uninstalling a GeoDB license file, see the Cisco Global Site Selector Administration Guide.


The syntax of this command is as follows:

geodb database import tar-file-name tar-file-name md5sum-file-name md5sum-file-name

The keywords are as follows:

tar-file-name—CVS filename tarball in tar.gz format

md5sum-file-name —CVS filename tarball md5 checksum in tar.gz format

For example, enter:

gssm1.example.com# geodb database import tar-file-name cisco_geodb_2011-05-01_v002.tar.gz 
md5sum-file-name cisco_geodb_2011-05-01_v002.tar.gz.md5

Loading GeoDB

You can load and merge a database from disk into the existing database in GSS memory by using the geoip load command. The merge capability supports the addition of entries from one GSS to another GSS. The file must be in binary format for loading into GSS memory.

The GSS validates the loaded database entries, checks the software version for compatibility, and then adds the database entries in memory. The GSS does not overwrite duplicate entries in the database.

The syntax of this command is as follows:

geodb database load filename

For example, enter:

gssm1.example.com# geodb database load cisco format binary

Downloading and Installing GeoDB

To download and install the GeoDB file, you must have performed the following steps:

1. Download the latest GeoDB file from http://geolite.maxmind.com/download/sec/ using the username and password provided to you in the e-delivery letter. For previous versions of GeoIP database files, go through the archive folder.

2. The file is copied on to your local machine. Note that you must download both the tar.gz as well as the corresponding tar.gz.md5 files. Then, copy the file to the GSS using a Secure Copy Protocol (SCP) or File Transfer Protocol (FTP). To import the downloaded GeoDB file, you must use the geodb database import tar-file-name cisco_geodb_2011-07-12_v002.tar.gz md5sum-file-name cisco_geodb_2011-07-12_v002.tar.gz.md5 command.

Monitoring the GeoDB Download Status

You can check the Geodb download status, import status, Database version of the GeoDB file using the following command:

show geodb

For example, enter:

gssm1.example.com# show geodb
gssm1.example.com#show geodb
  Geodb Manager status:     Disabled
  Database entry count:     0
  Dump interval:            60 minutes
  Timeout interval:         15 minutes
  Import Status:            Completed
  DataBase Version:         v001(2011-10-18)
gssm1.example.com#

Dumping GeoDB

You can output entries from the database by using the geoip dump command. The GSS uses the backup file to initialize the database upon system restart or reboot to enable the GSS to recover the contents of the database. When GeoDB is enabled, the GSS restores from the database dump file any time it re-enters the mesh and cannot retrieve the database contents from a GSS peer in the mesh.

You can dump all entries or selected entries from the database to a named file as a user-initiated backup file. You can then use the ftp command in EXEC or global configuration mode to launch the FTP client and transfer the file to and from remote machines.

The GSS includes options that provide a level of granularity for saving entries from the database. The GSS supports binary and XML output formats. Optionally, you can specify the entry type filter to clarify the information saved from the database.

The syntax of this command is as follows:

geodb database dump {filename} format {binary | xml}

The keywords and arguments are as follows:

filename—Name of the output file that contains the database entries on the GSS disk. This file resides in the /home directory.

format—Saves the database entries in a binary or XML format. Choose the binary encoding as the format type if you intend to load the contents of the file into the database of another GSS. The valid entries are as follows:

binary—Saves the assigned entries in binary format. This file can be used only with the geoip load command.

xml—Saves the assigned entries in XML format. The contents of an XML file includes the data fields and the data descriptions.

For example, enter:

gssm1.example.com# geodb database dump cisco format xml

gssm1.example.com# geodb database dump cisco format binary


Note The GSS automatically saves database entries to a backup file on disk approximately every 60 minutes. This feature will be enabled in GSS software version 4.1.1 and 4.1.2.


Running a Periodic Backup of GeoDB

You can force an immediate backup of the database residing in GSS memory by using the geodb database periodic-backup now command. The GSS sends the database entries to the system dump file. Upon a reboot or restart, the GSS reads this file and loads the contents to initialize the GeoDB statistics configured for the GSS at boot time.

The syntax of this command is as follows:

geodb database periodic-backup now

For example, enter:

gssm1.example.com# geodb database periodic-backup now

IP-Address Lookup Inside GeoDB

You can display the information about a particular IP address inside GeoIP database by using geodb database lookup command. The output of geodb database lookup command displays the longitude, latitude, region ID, and country code for that particular IP. The output also displays the static entry details (if any present in the database) for that IP.

The syntax of this command is as follows:

geodb database lookup ip-address ip-address

For example, enter:

gssm1.example.com# geodb database lookup ip-address 1.1.1.1

Latitude Longitude RegionId Contry Code:State Name

------- --------- -------- ---------------------

-27 133 155 AU:() (GeoIP Database Entry)

N/A N/A N/A N/A (GeoIP Static Entry)

 
   

Setting Up the GeoDB Configuration

This section contains the following topics:

Configuring the Global GeoDB Properties

Configuring the Default Continent Regions

Configuring the Global GeoDB Properties

You can configure global GeoDB configuration settings by accessing the geodb properties configuration mode by entering the geodb-properties command in global server load-balancing configuration mode. The GeoDB functionality is applicable only for A or AAAA requests, which come from IPv4 D-proxies. Also, the zone IP addresses must be IPv4 addresses.

To access the geodb properties configuration mode, enter the geodb-properties command in global server load-balancing configuration mode. For example,

gssm1.example.com(config-gslb)# geodb-properties
gssm1.example.com(config-gslb-geodbprop)#
 
   

Configure global GeoDB configuration default settings using the following commands in geodb properties configuration mode:

no enable—Disables the GeoDB feature.

enable—Enables the GeoDB feature.

mask netmask—Specifies a global subnet mask that the GSS uses to uniformly group contiguous D-proxy addresses as an attempt to increase the number of clients that the GeoDB database can support.

timeout minutes—Specifies the maximum time interval that can pass without the GeoIP database receiving a lookup request for an entry before the GSS removes the entry from the GeoIP database. The inactivity timeout range is from 5 to 10080 minutes (168 hours).

equivalence kilometers—Specifies the distance that the GSS applies to the most proximate GeoIP values to identify the relative values of other zones that the GSS should consider as equally proximate. The equivalence distance range is from 0 to 9999 kms.

acceptable-distance kilometers—Specifies the acceptable distance value when determining the most proximate answer. The range of the acceptable distance is from 0 to 20000 kms.

request-monitoring enable—Enables or disables the Geo-source monitoring settings.


Note To enable the configuration settings, you must exit from the sub mode.

To disable any configuration settings, use no form of the command.


For example, enter:

gssm1.example.com(config-gslb)# geodb-properties
gssm1.example.com(config-gslb-geodbprop)# enable
gssm1.example.com(config-gslb-geodbprop)# mask 255.255.255.255
gssm1.example.com(config-gslb-geodbprop)# timeout 4320
gssm1.example.com(config-gslb-geodbprop)# equivalence 1000
gssm1.example.com(config-gslb-geodbprop)# acceptable-distance 5000

Configuring the Default Continent Regions

You can configure the default continent settings by accessing the geodb properties configuration mode by entering the geodb-properties command in global server load-balancing configuration mode.

To configure the default continent region, use the following command:

generate-default-continent-region—Generates the default regions for seven continents with all the respective countries attached.

For example, enter:

gssm1.example.com(config-gslb)# geodb-properties
gssm1.example.com(config-gslb-geodbprop)# generate-default-continent-region

Note To configure the default continent regions, you must import the latest version v002 of the GeoDB file.

You can edit or delete the configured regions.Every time you run the generate-default-continent-region command, a message appears asking if you want to overwrite the existing configured continent regions. If you choose yes, it will recreate the default continent regions & remove modification done, if any, on default continent regions.

While configuring a default continent region, if a region with any name from _NORTH_AMERICA_ALL, _SOUTH_AMERICA_ALL, _ASIA_ALL, _AFRICA_ALL, _OCEANIA_ALL, EUROPE_ALL and _ANTARCTICA_ALL (which are not configured by running generate default continent region command) exist, you will be prompted to delete the existing region and proceed.

The maximum number of regions you can configure is 250. Out of the total 250, seven are reserved for default continent regions & three are legacy regions (Central USA, Eastern USA & Western USA) to support backward compatibility. It is recommended not to configure more than 240 regions. If you exceed 243 regions (including legacy regions) & then try to generate default continent regions a message displays prompting you to allocate space for default continent regions.


Configuring Geo-Location-Based Proximity

To configure Geo-location-based proximity, perform the following steps:

1. Create a Zone with zone IP using an IPv4 IP address. Note that IPv6 IP addresses are not supported.

For example, to create a zone IP using an IPv4 IP address (192.168.1.1), enter;

gssm1.example.com(config-gslb)# zone USA-Datacenter index 1 probe 198.162.1.1 
gssm1.example.com(config-gslb)# zone India-Datacentre index 2 probe 198.162.1.2 
gssm1.example.com(config-gslb)# zone London index 3 probe 198.162.1.3
 
   

2. Create regions to be associated with the zones that you created in Step 1.

gssm1.example.com(config-gslb)# region "Western USA" comments "Western USA Region" 
gssm1.example.com(config-gslb)# region "South India" comments "South India Region" 
gssm1.example.com(config-gslb)# region UK comments "UK Region"
 
   

3. Create three locations that are to be associated with the region that you have created in Step 2.

gssm1.example.com(config-gslb)# location "San Jose" region "Western USA" zone 
USA-Datacenter comments "CNN San Jose Datacentre (USA)"
gssm1.example.com(config-gslb)# location Bangalore region "South India" zone 
India-Datacentre comments "CNN Datacenter in Bangalore (India)" 
gssm1.example.com(config-gslb)# location London region UK zone London comments London 
 
   

4. Create three Answers using the above locations.

gssm1.example.com(config-gslb)# answer vip 10.1.0.1 name SanJose-Vip location "San 
Jose" manual-reactivation disable activate
gssm1.example.com(config-gslb-ansvip)# keepalive type http-head
gssm1.example.com# answer vip 10.2.0.1 name Bangalore-Vip location Bangalore 
manual-reactivation disable activate
gssm1.example.com(config-gslb-ansvip)# keepalive type http-head
gssm1.example.com(config-gslb)# answer vip 10.3.0.1 name UK-Vip location London 
manual-reactivation disable activate
gssm1.example.com(config-gslb-ansvip)# keepalive type http-head
 
   

5. Create an answer group using the answers that you have created in Step 4.

gssm1.example.com(config-gslb)# answer-group group1 owner System type vip 
gssm1.example.com(config-gslb)# answer-add 10.1.0.1 name SanJose-Vip weight 1 order 0 
load-threshold 254 activate 
agssm1.example.com(config-gslb)# answer-add 10.2.0.1 name Bangalore-Vip weight 1 order 
0 load-threshold 254 activate 
gssm1.example.com(config-gslb)# answer-add 10.3.0.1name UK-Vip weight 1 order 0 
load-threshold 254 activate 
 
   

6. Create a DNS rule for the domain with geodb enabled at the clause level.

gssm1.example.com(config-gslb)# dns rule DNS-Rule1 owner System source-address-list 
Anywhere domain-list CNN-Domain activate 
gssm1.example.com(config-gslb-rule)# query a 
gssm1.example.com(config-gslb-rule)# clause 1 vip-group AG-1 method round-robin ttl 0 
count 1 geodb enable manual-reactivation disable activate
 
   

Note While enabling the proximity feature, you must disable the GeoDB feature explicitly if it is already enabled and vice versa.

For example,
gssm1.example.com (config-gslb-rule)# clause 1 vip-group ag1 method round-robin ttl 20 count 1 geodb disable
gssm1.example.com (config-gslb-rule)# clause 1 vip-group ag1 method round-robin ttl 20 count 1 proximity enable


The following are the usage guidelines when configuring the Geo-location-based proximity:

The GSS will calculate the geographical distance between the client's D-Proxy IP and the zone IP. The distance is calculated based upon the latitude and longitude information that is present in the Geo IP database (for both D-Proxy IP and Zone IP). The GSS will return an answer from a zone, which has least distance calculated between the client D-Proxy and the zone IP.

If the D-proxy or Zone IP is not present in the Geo-IP database, validate using the geodb database lookup ip-address command. If the IP address is not present, add a static entry using the geodb static-entry start-ip ip_address end-ip ip_address latitude number longitude number command.

For example,

gssm1.example.com(config-gslb)# geodb static-entry start-ip 192.168.1.1 end-ip 
192.168.1.1 latitude 20.0 longitude 77.0 countrycode "US" statename "All" 
 
   

The GSS handles aaaa record queries with the GeoDB enabled, when the query requests to the GSS are over IPv4 addresses.

If the client D-proxy or all the zone IP's are not present, the GSS returns SERVFAIL.

Managing GeoDB Static Entries

This section shows how to manage the GeoDB static entries and contains the following topics:

Adding a Static Entry

Displaying Static Entries

Adding a Static Entry

You use the geodb static-entry command in the global server load-balancing configuration mode to add static entries to the GeoDB database. This command also enables a graceful migration between GeoIP updates.

The syntax of this command is as follows:

geodb static-entry start-ip ip_address end-ip ip_address latitude number longitude number country code word : statename word

The keywords and arguments are as follows:

start-ip ip_address—Specifies the start of the IP address range.

latitude number—Specifies the latitude of the location where the IP address range is located.

longitude number—Specifies the longitude of the location where the IP address range is located.

end-ip ip_address—Specifies the end of the IP address range.

countrycode word—Specifies the country code.

statename word—Specifies the statename.

For example, to add a static entry, enter:

gssm1.example.com(config)# gslb
gssm1.example.com(config-gslb)# geodb static-entry start-ip 10.78.18.191 end-ip 
10.78.18.194 latitude -180.0 longitude 0.0 countrycode IN statename KA
gssm1.example.com(config-gslb)# 
 
   

To remove a static entry, use the no form of the command.

For example, to remove a static entry, enter:

gssm1.example.com(config)# gslb
gssm1.example.com(config-gslb)# no geodb static-entry start-ip 10.78.18.191 end-ip 
10.78.18.194 latitude -180.0 longitude 0.0 countrycode IN statename KA
gssm1.example.com(config-gslb)# 

Displaying Static Entries

You use the show gslb-config static-entry command in the global server load-balancing configuration mode to display the static entries previously added to the GeoDB database.

The syntax of this command is as follows:

show gslb-config geodb-static-entry

For example, to display previously created statistic entries, enter:

gssm1.example.com(config)# gslb
gssm1.example.com# show gslb-config geodb-static-entry
gssm1.example.com(config-gslb)# 

Monitoring GeoDB Statistics

This section shows how to display the GeoDB statistical information and contains the following topics:

Monitoring Database Statistics

Monitoring Lookup Statistics

Monitoring Rule Hit Statistics

Monitoring Database Statistics

You use the show statistics geodb database command to display information about the GeoDB statistics configured for the GSS.

For example, to display previously created database statistics, enter:

gssm1.example.com# show statistics geodb database
Proximity Database Statistics:
 
   
  Number of entries in use:             0
  Number of add entries dropped:        0
  Max number of entries used:           0
  Max number of entries allowed:        500
 
   
  Number of database dump started:      0
  Number of database dump completed:    0
  Number of database dump failed:       0
  Last database dump started time:      n/a
  Last database dump failed time:       n/a
 
   
  Number of database cleanup started:   0
  Number of database cleanup completed: 0
  Number of database cleanup failed:    0
  Last database cleanup started time:   n/a
  Last database cleanup failed time:    n/a

Monitoring Lookup Statistics

You use the show statistics geodb lookup command to display information about the GeoDB statistics configured for the GSS.

For example, to display previously created lookup statistics, enter:

gssm1.example.com# show statistics geodb lookup
Lookup Statistics
  Total lookup requests:              0
  Database entry not found:           0
  Partial Distance data returned:    0
  Current lookup request rate:        0
  Peak lookup request rate:           0
  Lookup failed due to database full: 0
  Last database full happened:        n/a

Monitoring Rule Hit Statistics

You use the show statistics dns geodb rule command to display information about the GeoDB rule hits configured for the GSS.

For example, to display previously created rule hits statistics, enter:

gssm1.example.com# show statistics dns geodb rule
 
   
  rule1  geodbHitCount=123           geodbSuccessCount=123
  rule2  geodbHitCount=5               geodbSuccessCount=5
  rule3  geodbHitCount=7               geodbSuccessCount=6

Where to Go Next

If you plan to use DNS sticky for your global server load balancing, configure local or global DNS sticky for GSS devices in your network. See Chapter 9, Configuring DNS Sticky, for details.