This documentation has been moved
Configuring a DRP Server Agent
Downloads: This chapterpdf (PDF - 234.0KB) The complete bookPDF (PDF - 3.01MB) | Feedback

Configuring a DRP Server Agent

Table Of Contents

Configuring a DRP Server Agent

Contents

Restrictions for Configuring a DRP Server Agent

Information About Configuring a DRP Server Agent

Director Response Protocol

DRP Server Agent

Racing Message

Boomerang Metric

Benefits of a DRP Server Agent

How to Configure a DRP Server Agent

Enabling the DRP Server Agent

Limiting the Source of DRP Queries

Configuring Authentication of DRP Queries and Responses

Authentication Keys and Key Chains

Restrictions

Monitoring and Maintaining a DRP Server Agent

Adding a New Domain or Configuring an Existing Domain

Configuring a Domain Name Alias

Configuring the Server Address of a Domain

Configuring an IP Time-to-Live Value

Configuring a DNS TTL Value

Verifying Boomerang Information on a DRP Server Agent

Troubleshooting Tips

Configuration Examples for Configuring a DRP Server Agent

Enabling a DRP Server Agent and Limiting Query Sources: Example

Adding a New Domain or Configuring an Existing Domain: Example

Configuring a Domain Name Alias: Example

Configuring the Server Address of a Domain: Example

Configuring an IP TTL Value: Example

Configuring a DNS TTL Value: Example

Additional References

Related Documents

Technical Assistance

Feature Information for Configuring a DRP Server Agent


Configuring a DRP Server Agent


First Published: July 6, 1999
Last Updated: October 11, 2006

This module describes how to configure a Director Response Protocol (DRP) Agent and how to configure support for the boomerang metric on a DRP Server Agent.

Finding Feature Information in This Module

Your Cisco IOS software release may not support all the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for Configuring a DRP Server Agent" section.

Finding Support Information for Platforms and Cisco IOS and Catalyst OS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Contents

Restrictions for Configuring a DRP Server Agent

Information About Configuring a DRP Server Agent

How to Configure a DRP Server Agent

Configuration Examples for Configuring a DRP Server Agent

Additional References

Feature Information for Configuring a DRP Server Agent

Restrictions for Configuring a DRP Server Agent

When DistributedDirector is upgraded to include the boomerang function, DRP Server Agents must be made aware that boomerang is present.

Information About Configuring a DRP Server Agent

To configure a DRP Server Agent or to configure one with Boomerang support, you should understand the following concepts:

Director Response Protocol

DRP Server Agent

Racing Message

Boomerang Metric

Benefits of a DRP Server Agent

Director Response Protocol

DRP is a simple User Datagram Protocol (UDP)-based application developed by Cisco Systems. DRP enables the Cisco DistributedDirector product to query routers (DRP Server Agents) in the field for Border Gateway Protocol (BGP) and Interior Gateway Protocol (IGP) routing table metrics between distributed servers and clients. DistributedDirector, separate standalone software, uses DRP to transparently redirect end-user service requests to the topologically closest responsive server. DRP enables DistributedDirector to provide dynamic, scalable, and "network intelligent" Internet traffic load distribution among multiple geographically dispersed servers.

DRP Server Agent

A DRP Server Agent is a border router or peer to a border router that supports the geographically distributed servers for which DistributedDirector service is desired. DistributedDirector makes decisions based on BGP and IGP information, meaning that all DRP Server Agents must have full access to BGP and IGP routing tables.

Racing Message

A racing message occurs when DistributedDirector receives a Domain Name System (DNS) query from a DNS client for a hostname that has the boomerang metric configured. DistributedDirector issues a DNS racing message to the different DRP Server Agents. In the message, DistributedDirector instructs each DRP Server Agent to respond directly to the client with the answer. The instruction, which is determined by the DistributedDirector configuration, also specifies whether the response should be sent at a specific time or after a certain delay.

Boomerang Metric

Boomerang is a DRP metric for DistributedDirector. When the boomerang metric is active, DistributedDirector instructs the DRP to send DNS responses directly to the querying client. The DNS response contains addresses of sites associated with a specific DRP Server Agent. All involved DRP Server Agents send their DNS responses at the same time. The packet of the DRP that is nearest to the client in terms of delay arrives first. The client may take the first answer and ignore subsequent ones, which is a standard behavior of all local DNS server implementations. Full boomerang support can be configured on a DRP Server Agent. The boomerang client is the DRP Server Agent.

The boomerang metric enables a boomerang client on the DRP Server Agent to communicate with boomerang-supported servers. The metric promotes interoperability among different content routers within Cisco. The boomerang client on the DRP Server Agent can communicate with any boomerang server, not only servers implemented on DistributedDirector.

When a boomerang DRP Server Agent receives a DNS racing message from boomerang servers, the DRP extracts the domain name specified in the DNS message. A DRP Server Agent with Boomerang support can be configured on this specified domain.

Benefits of a DRP Server Agent

DRP Server Agents provide the following benefits:

Use of DistributedDirector service is facilitated.

A means to select a site with the fastest response time is provided with Boomerang support.

Congestion and link failures are dynamically recognized and avoided with Boomerang support.

How to Configure a DRP Server Agent

Perform these tasks to configure and maintain a DRP Server Agent.

Enabling the DRP Server Agent

Limiting the Source of DRP Queries

Configuring Authentication of DRP Queries and Responses

Monitoring and Maintaining a DRP Server Agent

Adding a New Domain or Configuring an Existing Domain

Configuring a Domain Name Alias

Configuring the Server Address of a Domain

Configuring an IP Time-to-Live Value

Configuring a DNS TTL Value

Verifying Boomerang Information on a DRP Server Agent

Enabling the DRP Server Agent

Perform this task to enable a DRP Server Agent (it is disabled by default).

SUMMARY STEPS

1. enable

2. configure terminal

3. ip drp server

4. exit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

ip drp server

Example:

Router(config)# ip drp server

Enables a DRP Server Agent.

Step 4 

exit

Example:

Router(config)# exit

Returns the CLI to privileged EXEC mode.

Limiting the Source of DRP Queries

As a security measure, you can limit the source of valid DRP queries. When a standard IP access list is applied to an interface, the DRP Server Agent will respond only to DRP queries originating from an IP address in that list. If no access list is configured, the DRP Server Agent answers all queries.

When both an access group and a key chain (described in the next section) have been configured, both security mechanisms must allow access before a request is processed.

Perform this task to limit the source of valid DRP queries.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip drp access-group access-list-number

4. exit

 
Command
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

ip drp access-group access-list-number

Example:

Router(config)# ip drp access-group 1

Controls the sources of valid DRP queries by applying a standard IP access list.

In this instance, the access list is number 1.

Step 4 

exit

Example:

Router(config)# exit

Returns the command-line interface (CLI) to privileged EXEC mode.

DETAILED STEPS

Configuring Authentication of DRP Queries and Responses

Perform this task to define a key chain, identify the keys that belong to the key chain, and optionally specify the time period during which each key is valid.

Authentication Keys and Key Chains

Another available security measure is to configure the DRP Server Agent to authenticate DRP queries and responses.

When configuring key chains and keys, use the following guidelines:

The name of the key chain configured for DRP authentication must match the name of the key chain configured.

The key configured in the primary agent in the remote router must match the key configured in the DRP Server Agent for responses to be processed.

You can configure multiple keys with lifetimes and the software will rotate through them.

If authentication is enabled and multiple keys on the key chain are active based on the send-lifetime values, the software uses only the first key it encounters for authentication.

Use the show key chain command to display key chain information.

Restrictions

To configure lifetimes for DRP authentication, you must configure time services for your router.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip drp authentication key-chain name-of-chain

4. key chain name-of-chain

5. key key-id

6. key-string text

7. accept-lifetime start-time {infinite | end-time | duration seconds}

8. send-lifetime start-time {infinite | end-time | duration seconds}

9. exit

 
Command
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

ip drp authentication key-chain name-of-chain

Example:

Router(config)# ip drp authentication key-chain mktg

Identifies the key chain to be used for authenticating all DRP requests and responses.

Step 4 

key chain name-of-chain

Example:

Router(config)# key chain mktg

Identifies the key chain named in Step 3 and places the CLI in key chain configuration mode.

Step 5 

key key-id

Example:

Router(config-keychain)# key 1

Identifies the key number 1.

Step 6 

key-string text

Example:

Router(config-keychain-key)# key-string internal

Identifies the key string as internal.

Step 7 

accept-lifetime start-time {infinite | end-time | duration seconds}

Example:

Router(config-keychain-key)# accept-lifetime 15:00:00 Oct 12 2006 600

(Optional) Specifies the time period during which the key can be received.

In this instance, the time period is 600 seconds.

Step 8 

send-lifetime start-time {infinite | end-time | duration seconds}

Example:

Router(config-keychain-key)# send-lifetime 14:30:00 Oct 12 2006 300

(Optional) Specifies the time period during which the key can be sent.

In this instance, the time period is 300 seconds.

Step 9 

exit

Example:

Router(config)# exit

Returns the CLI to privileged EXEC mode.

DETAILED STEPS

Monitoring and Maintaining a DRP Server Agent

Perform this task to monitor and maintain a DRP Server Agent.

SUMMARY STEPS

1. enable

2. clear ip drp

3. show ip drp

4. exit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

clear ip drp

Example:

Router# clear ip drp

Clears statistics being collected for DRP requests and responses.

Step 3 

show ip drp

Example:

Router# show ip drp

Displays information about the DRP Server Agent.

Step 4 

exit

Example:

Router# exit

Returns the CLI to user EXEC mode.

Adding a New Domain or Configuring an Existing Domain

Perform this task to add a new domain to the DistributedDirector client or to configure an existing domain. This task is performed on the DRP Server Agent.

1. enable

2. configure terminal

3. ip drp domain domain-name

4. exit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

ip drp domain domain-name

Example:

Router(config)# ip drp domain www.boom1.com

Specifies a domain to be added or configured and puts the CLI in boomerang configuration mode.

The domain in this example is named www.boom1.com.

Step 4 

exit

Example:

Router(config-boomerang)# exit

Returns the CLI to privileged EXEC mode.

Configuring a Domain Name Alias

Perform this task to configure an alias name for a specified domain.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip drp domain domain-name

4. alias alias-name

5. exit

DETAILED STEPS

 
Command
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

ip drp domain domain-name
Example:
Router(config)# ip drp domain 
www.boom1.com

Specifies a domain to be added or configured and puts the CLI in boomerang configuration mode.

Step 4 

alias alias-name

Example:
Router(config-boomerang)# alias 
www.boom2.com

Configures an alias name for a specified domain.

The alias name in this example is www.boom2.com.

Step 5 

exit

Example:

Router(config-boomerang)# exit

Returns the CLI to privileged EXEC mode.

Configuring the Server Address of a Domain

Perform this task to configure the server address for a specified boomerang domain.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip drp domain domain-name

4. server server-ip-address

5. exit

DETAILED STEPS

 
Command
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

ip drp domain domain-name

Example:

Router(config)# ip drp domain www.boom1.com

Specifies a domain to be added or configured and puts the CLI in boomerang configuration mode.

Step 4 

server server-ip-address

Example:
Router(config-boomerang)# server 
172.16.101.101

Configures an IP address for a specified domain.

Step 5 

exit

Example:

Router(config-boomerang)# exit

Returns the CLI to privileged EXEC mode.

Configuring an IP Time-to-Live Value

Perform this task to configure the IP time-to-live (TTL) value for packets sent from a boomerang client to a DNS client, in number of hops.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip drp domain domain-name

4. ttl ip hops

5. exit

 
Command
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

ip drp domain domain-name

Example:

Router(config)# ip drp domain www.boom1.com

Specifies a domain to be added or configured and puts the CLI in boomerang configuration mode.

Step 4 

ttl ip hops

Example:
Router(config-boomerang)# ttl ip 2

Configures the maximum number of hops between the boomerang client and the DNS client, after which the boomerang response packet fails.

The number of hops in this example is 2.

Step 5 

exit

Example:

Router(config-boomerang)# exit

Returns the CLI to privileged EXEC mode.

DETAILED STEPS

Configuring a DNS TTL Value

Perform this task to configure the number of seconds that a DNS client will cache an answer received from a boomerang client.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip drp domain domain-name

4. ttl dns seconds

5. exit

 
Command
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

ip drp domain domain-name

Example:

Router(config)# ip drp domain www.boom1.com

Specifies a domain to be added or configured and puts the CLI in boomerang configuration mode.

Step 4 

ttl dns seconds

Example:
Router(config-boomerang)# ttl dns 10

Configures the number of seconds for which the DNS client can cache a boomerang reply from a boomerang client. The number of seconds in this example is 10.

Step 5 

exit

Example:

Router(config-boomerang)# exit

Returns the CLI to privileged EXEC mode.

DETAILED STEPS

Verifying Boomerang Information on a DRP Server Agent

Perform this task to verify that boomerang support was successfully configured on a DRP Server Agent.

Router# show ip drp boomerang

DNS packets with unknown domain 0         

Domain www.boom1.com
Content server            172.16.101.101 up
Origin server                    0.0.0.0
DNS A record requests                  0
Dropped (server down)                  0
Dropped (no origin server)             0
Security failures                      0

Alias www.boom2.com
DNS A record requests                  0

Step 1 Enter the show ip drp command to display additional information such as the number of requests received from DistributedDirector, the total number of boomerang requests, and the number of boomerang responses made by a DRP Server Agent.

Router# show ip drp 

Director Responder Protocol Agent is enabled
3 director requests:
0 successful route table lookups
0 successful measured lookups
0 no route in table
0 nortt
0 DRP packet failures returned
3 successful echos
6 Boomerang requests
0 Boomerang-raced DNS responses
Authentication is enabled, using "DD" key-chain
rttprobe source port is     :53
rttprobe destination port is:53


Troubleshooting Tips

If the ip drp domain domain-name command is configured on the DRP Server Agent, but a corresponding server address is not specified for this domain name, the content-server field defaults to 0.0.0.0. The show ip drp boomerang command displays this information. In this case, the DRP Server Agent would be removed from the boomerang configuration. To include it again, enter boomerang configuration mode and specify a server address.

Router> enable
Router# configure terminal
Router(config)# ip drp domain www.boom1.com
Router(config-boomerang)# server 172.16.101.101

Configuration Examples for Configuring a DRP Server Agent

Enabling a DRP Server Agent and Limiting Query Sources: Example

Adding a New Domain or Configuring an Existing Domain: Example

Configuring a Domain Name Alias: Example

Configuring the Server Address of a Domain: Example

Configuring an IP TTL Value: Example

Configuring a DNS TTL Value: Example

Enabling a DRP Server Agent and Limiting Query Sources: Example

The following example shows how to enable the DRP Server Agent, limit the sources of DRP queries to those listed in access list 1, and configure authentication for DRP queries and responses. The access list permits queries from only the host at address 192.168.5.5.

ip drp server
access-list 1 permit 192.168.5.5
ip drp access-group 1
ip drp authentication key-chain mktg
key chain mktg
 key 1
  key-string internal

Adding a New Domain or Configuring an Existing Domain: Example

In the following example, a domain named www.boom1.com is added on a boomerang client:

ip drp domain www.boom1.com

show running-configuration
.
.
ip drp domain www.boom1.com

Configuring a Domain Name Alias: Example

In the following example, the domain name alias configured for www.boom1.com is www.boom2.com:

ip drp domain www.boom1.com
alias www.boom2.com

show running-configuration
.
.
ip drp domain www.boom1.com
alias www.boom2.com

Configuring the Server Address of a Domain: Example

In the following example, the server address is configured for www.boom1.com. The server address for www.boom1.com is 172.16.101.101.

ip drp domain www.boom1.com
server 172.16.101.101

show running-configuration
.
.
ip drp domain www.boom1.com
content-server 172.16.101.101

Configuring an IP TTL Value: Example

In the following example, the number of hops that occur between the boomerang client and the DNS client before the boomerang response packet fails is 2:

ip drp domain www.boom1.com
ttl ip 2

show running-configuration
.
.
ip drp domain www.boom1.com
ip-ttl 2

Configuring a DNS TTL Value: Example

In the following example, the number of seconds for which the DNS client can cache a boomerang reply from a boomerang client is 10:

ip drp domain www.boom1.com
ttl dns 10

show running-configuration
.
.
ip drp domain www.boom1.com

dns-ttl 10

Additional References

The following sections provide references related to the Configuring a DRP Server Agent module.

Related Documents

Related Topic
Document Title

DRP Server Agent related commands

Cisco IOS Network Management Command Reference, Release 12.4

Configuring DistributedDirector

The "DistributedDirector Configuration" chapter of the Cisco IOS Network Management Configuration Guide, Release 12.4

Cisco DistributedDirector 4700-M Installation and Configuration Guide

DistributedDirector Boomerang Support

The "DistributedDirector Boomerang Support" chapter of the Cisco IOS Network Management Configuration Guide, Release 12.4

Network Time Protocol and setting time services

The "Performing Basic System Management" chapter of the Cisco IOS Network Management Configuration Guide, Release 12.4


Technical Assistance

Description
Link

The Cisco Technical Support & Documentation website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, tools, and technical documentation. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport


Feature Information for Configuring a DRP Server Agent

Table 1 lists the features in this module and provides links to specific configuration information. Only features that were introduced or modified in Cisco IOS Release 11.2(4)F or Cisco IOS Release 12.2(8)T or a later release appear in the table.

Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.


Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.


Table 1 Feature Information for Configuring a DRP Server Agent 

Feature Name
Releases
Feature Information

DRP Agent—Boomerang Support

12.2(8)T

Boomerang is a DRP metric for DistributedDirector. When the boomerang metric is active, DistributedDirector instructs the DRP to send DNS responses directly to the querying client. The DNS response contains the addresses of sites associated with a specific DRP Server Agent.

The following sections provide information about this feature:

Director Response Protocol

DRP Server Agent

Racing Message

Boomerang Metric

Benefits of a DRP Server Agent

How to Configure a DRP Server Agent

Adding a New Domain or Configuring an Existing Domain

Configuring a Domain Name Alias

Configuring the Server Address of a Domain

Configuring an IP Time-to-Live Value

Configuring a DNS TTL Value

Verifying Boomerang Information on a DRP Server Agent

DRP Server Agent

11.2(4)F

A DRP Server Agent is a border router or peer to a border router that supports the geographically distributed servers for which DistributedDirector service is desired.

The following sections provide information about this feature:

Director Response Protocol

DRP Server Agent

Enabling the DRP Server Agent

Limiting the Source of DRP Queries

Configuring Authentication of DRP Queries and Responses

Monitoring and Maintaining a DRP Server Agent