Table Of Contents

Rule Configuration Mode Commands

(config-gslb-rule) clause number cra-group

(config-gslb-rule) clause number ns-group

(config-gslb-rule) clause number vip-group

(config-gslb-rule) no

(config-gslb-rule) sticky method

(config-gslb-rule) sticky timeout

Rule Configuration Mode Commands

This section describes the commands in rule configuration mode. Rule configuration mode allows you to configure Domain Name System (DNS) rules that specify the actions that each GSS is to perform when it receives a request from a known source for a known hosted domain. In this mode, you specify and configure load-balance clauses and optional DNS sticky and network proximity settings.

dns rule name {owner name | source-address-list name | domain-list name | query {a | all}}

Syntax Description

dns rule name	Specifies the name for the DNS rule. Enter a unique alphanumeric name with a maximum of 80 characters. Names should not contain spaces.
owner name	Specifies the name of a previously created owner with whom the rule will be associated. The default owner is System.
source-address-list name	Specifies the name of a previously created source address list from which requests will originate. The DNS rule is applied only to requests coming from one of the addresses in the source address list. If you do not choose a source address list, the GSS automatically uses the default list Anywhere.
domain-list name	Specifies the name of a previously created domain list to which DNS queries will be addressed. The DNS rule is applied only to requests coming from one of the addresses in the source address list and for a domain on the specified domain list.
query	Specifies the type of DNS query to apply to the rule. Choose one of the following: •a —The DNS rule is applied only to answer address record (A record) requests originating from a host on the configured source address list. Any requests with unsupported query types (for example, MX, PTR, or CNAME records) that match this DNS rule are dropped and not answered by the GSS. For an AAAA query with a configured host domain, the GSS returns a NODATA (No Answer, No Error) response for the requester to make a subsequent A-record query. •All—The DNS rule is applied to all DNS queries originating from a host on the configured source address list. For any request other than an A-record query (for example, MX or CNAME record), the GSS forwards the request to a name server configured in one of the three balance clauses. When the GSS receives the response from the name server, it delivers the response to the requesting client D-proxy.

Usage Guidelines

The GSS can use a maximum of three possible balance method clauses in a DNS rule to select the most appropriate resource to serve a user request. Each balance method provides a different algorithm for selecting one answer from a configured answer group. Each clause specifies that a particular answer group serve the request and a specific balance method be used to select the best resource from that answer group.

When you select the All option for query type, you must configure one balance clause to include a name server-type answer group.

Examples

The following example shows how to access the rule configuration mode, use the dns rule name command in global configuration mode. The CLI prompt changes to the rule configuration mode as follows:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# dns rule drule02 owner WEB-SERVICES source-address-list 
WEB-GLOBAL-LISTS domain-list E-COMMERCE query A

gssm1.example.com(config-gslb-rule[rule-name])#

(config-gslb-rule) clause number cra-group

To create balance clauses for a Domain Name System (DNS) rule that use content routing agent (CRA)-type answer groups, use the clause number cra-group command in the rule configuration mode. To reset the balance clause settings to their default values, use the no form of this command.

clause number cra-group name [fragment number | ip-ttl number | manual-reactivation {enable | disable} | max-prop-delay number | method boomerang | pad number | secret key | server-delay number | ttl number]

no clause number cra-group name [fragment number | ip-ttl number | manual-reactivation enable | max-prop-delay number | method boomerang | pad number | secret key | server-delay number | ttl number]

Syntax Description

number	Balance clause number (1 or 2). You can specify a maximum of two balance clauses that use CRA-type answers.
cra-group name	Specifies the name of a previously created CRA-type answer group.
fragment number	(Optional) Specifies the number of address records (A-records) that you want the GSS to return for requests that match the DNS rule. The default is 1 record.
ip-ttl number	(Optional) Specifies the maximum number of network hops that should be used when returning a response to a CRA from a match on a DNS rule.
manual-reactivation	(Optional) Determines whether or not the GSS reactivates the clause automatically when it becomes available for use after being unavailable because all the answers in the answer group associated with it were either offline or overloaded. Use one of the following keywords with this option: •enable—Enables the manual reactivation function. The GSS suspends the clause if it goes offline and changes its status to "operational suspend." The clause remains suspended until you reactivate it. Note If you enable the manual reactivate function for an clause, you must also enable the global manual reactivate function for it to work (see "(config-gslb) manual-reactivation"). •disable—Disables manual reactivation (default). If the clause goes offline, the GSS automatically reactivates the clause when it returns to an online state.
max-prop-delay number	(Optional) Specifies the maximum propagation delay, which is the maximum delay (in milliseconds) that is observed before the boomerang server component of the GSS forwards a DNS request to a CRA.
method boomerang	(Optional) Specifies that the balance method use the boomerang DNS race to determine the best site. See the Boomerang Race section in Chapter 1, Introducing the Global Site Selector in the Global Site Selector CLI-Based Global Load Balancing Configuration Guide for more information about this balance method type.
pad number	(Optional) Specifies the amount of extra data (in bytes) included with each CRA response packet used to evaluate CRA bandwidth and latency when making load-balancing decisions.
secret key	(Optional) Specifies a text string with a maximum of 64 characters used to encrypt critical data sent between the GSS boomerang server and CRAs. This key must be the same for each configured CRA.
server-delay number	(Optional) Specifies the maximum delay (in milliseconds) that is observed before the boomerang server component of the GSS returns the address of its "last gasp" server as a response to the requesting name server.
ttl number	(Optional) Specifies the duration of time in seconds that the requesting DNS proxy caches the response sent from the GSS and considers it to be a valid answer. Valid entries are 0-604,800 seconds. The default is 20 seconds.

Command Modes

Rule configuration

Usage Guidelines

You can create up to two balance clauses that use CRA-type answer groups. A second balance clause applies only when the first clause is unable to provide an answer for the DNS query.

Always follow a balance clause that uses a CRA-type answer group with a balance clause that uses a VIP-type answer group. Doing so ensures that if none of the CRAs successfully respond to the DNS race request, a "last gasp" server response from the VIP-type balance clause is sent to the requesting name server.

Examples

The following example shows how to configure a balance clause for the DNS rule:

gssm1.example.com(config-gslb-rule[rule-name])# clause 1 cra-group ANSGRP-CRA-01 fragment 
2 pad 20 

The following example shows how to reset the balance clause settings for the DNS rule to the default settings:

gssm1.example.com(config-gslb-rule[rule-name])# no clause 1 cra-group ANSGRP-CRA-01 
fragment 2 pad 20 

Related Commands

(config-gslb) dns rule

(config-gslb) manual-reactivation

(config-gslb-rule) clause number ns-group

To create balance clauses for a Domain Name System (DNS) rule that use name server (NS)-type answer groups, use the clause number ns-group command in the rule configuration mode. To reset the balance clause settings to their default values, use the no form of this command.

clause number ns-group name [manual-reactivation {enable | disable} | method {round-robin | least-loaded | ordered | weighted-round-robin | hashed {domain-name | source-address | both}}]

no clause number ns-group name [manual-reactivation enable | method {round-robin | least-loaded | ordered | weighted-round-robin | hashed {domain-name | source-address | both}}]

Syntax Description

number	Balance clause number (1, 2, or 3). You can specify a maximum of three balance clauses that use NS-type answers.
ns-group name	Specifies the name of a previously created NS-type answer group.
manual- reactivation	(Optional) Determines whether or not the GSS reactivates the clause automatically when it becomes available for use after being unavailable because all the answers in the answer group associated with it were either offline or overloaded. Use one of the following keywords with this option: •enable—Enables the manual reactivation function. The GSS suspends the clause if it goes offline and changes its status to "operational suspend." The clause remains suspended until you reactivate it. Note If you enable the manual reactivate function for an clause, you must also enable the global manual reactivate function for it to work (see (config-gslb) manual-reactivation). •disable—Disables manual reactivation (default). If the clause goes offline, the GSS automatically reactivates the clause when it returns to an online state.
method	(Optional) Specifies the following method type for the balance clauses: •round-robin—The GSS cycles through the list of answers that are available as requests are received. This is the default setting. •least-loaded—The GSS selects an answer based on the load reported by each VIP in the answer group. The answer reporting the lightest load is chosen to respond to the request. The least-loaded option is available only for VIP-type answer groups that use a KAL-AP keepalive. •ordered—The GSS selects an answer from the list based on precedence; answers with a lower order number are tried first, while answers down the list are tried only if preceding answers are unavailable to respond to the request. The GSS supports gaps in numbering in an ordered list. •weighted-round-robin—The GSS cycles through the list of answers that are available as requests are received but sends requests to favored answers in a ratio determined by the weight value assigned to that resource. •hashed—The GSS selects the answer based on a unique value created from information stored in the request. The GSS supports two hashed balance methods. The GSS allows you to apply one or both hashed balance methods to the specified answer group: –domain-name—The GSS selects the answer based on a hash value created from the requested domain name. –source-address—The GSS selects the answer based on a hash value created from the source address of the request. –both—The GSS selects the answer based on both the source address and the domain name.

Command Modes

Rule configuration

Usage Guidelines

You can create up to three balance clauses that use NS-type answer groups. A second or third balance clause applies only when the preceding clause is unable to provide an answer for the DNS query.

When specifying ordered as a method type, be aware that for answers that have the same order number in an answer group, the GSS will only use the first answer that contains the number. We recommend that you specify a unique order number for each answer in an answer group.

Examples

The following example shows how to configure a balance clause for the DNS rule:

gssm1.example.com(config-gslb-rule[rule-name)# clause 1 ns-group ANSGRP-NS-01 method 
hashed both

The following example shows how to reset the balance clause settings for the DNS rule to the default settings:

gssm1.example.com(config-gslb-rule[rule-name])# no clause 1 ns-group ANSGRP-NS-01 method 
hashed both 

Related Commands

(config-gslb) dns rule

(config-gslb) manual-reactivation

(config-gslb-rule) clause number vip-group

To create balance clauses for a Domain Name System (DNS) rule that use VIP-type answer groups, use the clause number vip-group command in the rule configuration mode. To reset the balance clause settings to their default values, use the no form of this command.

clause number vip-group name [manual-reactivation {enable | disable} | method {round-robin | least-loaded | ordered | weighted-round-robin | hashed {domain-name | source-address | both}} [count number | ttl number]]

no clause number vip-group name [count number | ttl number | manual-reactivation enable | method {round-robin | least-loaded | ordered | weighted-round-robin | hashed {domain-name | source-address | both}} | sticky {enable | disable} | proximity {enable [rtt number | wait {enable | disable} zone number] | disable}]]

Syntax Description

number	Balance clause number (1, 2, or 3). You can specify a maximum of three balance clauses that use VIP-type answers.
vip-group name	Specifies the name of a previously created VIP-type answer group.
manual-reactivation	(Optional) Determines whether or not the GSS reactivates the clause automatically when it becomes available for use after being unavailable because all the answers in the answer group associated with it were either offline or overloaded. Use one of the following keywords with this option: •enable—Enables the manual reactivation function. The GSS suspends the clause if it goes offline and changes its status to "operational suspend." The clause remains suspended until you reactivate it. Note If you enable the manual reactivate function for a clause, you must also enable the global manual reactivate function for it to work (see (config-gslb) manual-reactivation). •disable—Disables manual reactivation (default). If the clause goes offline, the GSS automatically reactivates the clause when it returns to an online state.
method	(Optional) Specifies the following method types for the balance clauses: •round-robin—The GSS cycles through the list of answers that are available as requests are received. This is the default setting. •least-loaded—The GSS selects an answer based on the load reported by each VIP in the answer group. The answer reporting the lightest load is chosen to respond to the request. The least-loaded option is available only for VIP-type answer groups that use a KAL-AP keepalive. •ordered—The GSS selects an answer from the list based on precedence; answers with a lower order number are tried first, while answers down the list are tried only if preceding answers are unavailable to respond to the request. The GSS supports gaps in numbering in an ordered list. •weighted-round-robin—The GSS cycles through the list of answers that are available as requests are received but sends requests to favored answers in a ratio determined by the weight value assigned to that resource. •hashed—The GSS selects the answer based on a unique value created from information stored in the request. The GSS supports two hashed balance methods. The GSS allows you to apply one or both hashed balance methods to the specified answer group: –domain-name—The GSS selects the answer based on a hash value created from the requested domain name. –source-address—The GSS selects the answer based on a hash value created from the source address of the request. –both—The GSS selects the answer based on the source address and the domain name.
sticky	(Optional) Activates sticky for the clause when you specify enable. Deactivates sticky for the clause, when you specify disable (the default). To specify enable, make sure that the sticky method command option (see (config-gslb-rule) sticky method) is set to domain or domain-list.
proximity	(Optional) Activates proximity for the clause when you specify enable. Deactivates the proximity for the clause when you specify disable. When you specify enable, the following options are available: •rtt number—Changes the proximity-acceptable RTT for the balance clause to a different value from the global proximity configuration. Enter an acceptable RTT value from 50 to 500 ms. The default value is 100 ms. •wait enable/disable—Changes the proximity wait state to a different setting than the global proximity configuration. When enabled, the GSS waits to perform a proximity selection until it receives the appropriate RTT and zone information based on the proximity settings. When disabled, the GSS proceeds to the next balance clause in the DNS rule. •zone number—Changes the proximity-acceptable zone percentage for the balance clause to a different value from the global proximity configuration. This option specifies the percentage of all zones configured and is used for a DNS rule and answer group.
count number	(Optional) Specifies the number of address records (A-records) that you want the GSS to return for requests that match the DNS rule. The default is 1 record.
ttl number	(Optional) Specifies the duration of time in seconds that the requesting DNS proxy caches the response sent from the GSS and considers it to be a valid answer. Valid entries are 0 to 604,800 seconds. The default is 20 seconds.

Command Modes

Rule configuration

Usage Guidelines

When specifying ordered as a method type, be aware that for answers that have the same order number in an answer group, the GSS will use only the first answer that contains the number. We recommend that you specify a unique order number for each answer in an answer group.

You can create up to three balance clauses that use VIP-type answer groups. A second or third balance clause applies only when the preceding clause is unable to provide an answer for the DNS query.

If you configured a DNS rule with a balance clause that uses a content routing agent (CRA)-type answer group, you must immediately follow the CRA-type clause with a balance clause that uses a VIP-type answer group to ensure that if none of the CRAs successfully respond to the DNS race request, a "last gasp" server response from the VIP-type balance clause is sent to the requesting name server.

The GSS prevents you from enabling sticky on clause 2 if you do not first enable sticky on clause 1. This restriction is also true if you attempt to enable sticky on clause 3 without first configuring sticky on clause 2.

Examples

The following example shows how to configure a balance clause for the DNS rule:

gssm1.example.com(config-gslb-rule[rule-name])# clause 1 vip-group ANSGRP-VIP-01 method 
ordered ttl 60 

The following example shows how to reset the balance clause settings for the DNS rule to the default settings:

gssm1.example.com(config-gslb-rule[rule-name])# no clause 1 vip-group ANSGRP-VIP-01 method 
ordered ttl 60

Related Commands

(config-gslb) dns rule

(config-gslb) manual-reactivation

(config-gslb-rule) no

To negate a CLI command or set it to its default settings, use the no command. Some GSS CLI commands do not have a no form.

no command

Syntax Description

clause number cra-group	Resets the balance clause settings to their default values.
clause number ns-group	Resets the balance clause settings to their default values.
clause number vip-group	Resets the balance clause settings to their default values.
sticky method	Disables stickiness.
sticky timeout	Resets the global timeout value to the default value.

Command Modes

Interface configuration, global, and global server load-balancing configuration

Usage Guidelines

Use the no command to disable functions or negate a command. If you need to negate a specific command, such as the default gateway IP address, you must include the specific string in your command, such as no ip default-gateway ip-address.

Examples

The following example shows how to negate a CLI command or set it to its default settings:

gss1.example.com(config)# no ip name-server 10.11.12.14

gss1.example.com(config)# no ntp-server 172.16.22.44 

(config-gslb-rule) sticky method

To define how the GSS supports Domain Name System (DNS) stickiness in a DNS rule, use the sticky method command in the rule configuration mode. To disable stickiness (the default setting), use he no form of this command.

sticky method {domain | domain-list} [timeout number]

no sticky method {domain | domain-list} [timeout number]

Syntax Description

domain	Enables DNS stickiness on a domain. For all requests from a single D-proxy, the GSS sends the same answer for a domain.
domain-list	Enables DNS stickiness on a matching domain list. The GSS groups all domains in the domain list and treats them as a single hosted domain. The GSS treats wildcards in the domain lists the same as non-wildcard domains.
timeout number	(Optional) Overrides the global timeout value set for a DNS rule. Enter the maximum time interval that can pass without the sticky database receiving a lookup request for an entry. Enter a value from 15-10080 minutes, defined in 5-minute intervals (15, 20, 25, 30, and up to 10080).

Command Modes

Rule configuration

Usage Guidelines

Sticky is disabled by default. When disabled, the GSS answers DNS requests for all domains and clients that pertain to the DNS rule, subject to DNS rule matching, without accessing the sticky database or sharing sticky database information between peers in the network.

For rules matching on a domain wildcard (for example, *.cisco.com), entries are stuck together using the global configuration ID assigned to the wildcard. The GSS does not attempt to distinguish the individual domains that match the wildcard.

Every time the GSS returns an answer to the requesting client D-proxy, the GSS resets the expiration time of the answer to the value set for timeout. When the sticky timeout value elapses without the client again requesting the answer, the GSS identifies the answer as invalid and purges it from the sticky database.

The sticky timeout is accurate to within 5 minutes of the specified value. Each entry will persist in the sticky database for the configured sticky timeout value and may remain in the sticky database for no longer than 5 minutes past the specified value.

Examples

The following example shows how to define how the GSS supports DNS stickiness in a DNS rule:

gssm1.example.com(config-gslb)# dns rule drule02

gssm1.example.com(config-gslb-rule[rule-name])# sticky method domain timeout 250

gssm1.example.com(config-gslb-rule[rule-name])#

Related Commands

(config-gslb) dns rule

(config-gslb-rule) sticky timeout

To override the global timeout value set for a Domain Name System (DNS) rule, use the sticky timeout command in the rule configuration mode. To reset the global timeout value to the default value, use the no form of this command.

sticky timeout number

no sticky timeout number

Syntax Description

number

Global timeout value set for a DNS rule that is overwritten. Enter the maximum time interval that can pass without the sticky database receiving a lookup request for an entry. Enter a value from 15-10080 minutes, defined in 5-minute intervals (15, 20, 25, 30, and up to 10080).

Command Modes

Rule configuration

Usage Guidelines

You can specify the timeout value for a DNS rule by setting the timeout variable in the sticky method command.

Every time the GSS returns an answer to the requesting client D-proxy, the GSS resets the expiration time of the answer to the value set for sticky timeout. When the sticky timeout value elapses without the client again requesting the answer, the GSS identifies the answer as invalid and purges it from the sticky database.

The sticky timeout is accurate to within 5 minutes of the specified value. Each entry will persist in the sticky database for the configured sticky timeout value and may remain in the sticky database for no longer than 5 minutes past the specified value.

Examples

The following example shows how to override the global timeout value set for a DNS rule:

gssm1.example.com(config-gslb)# dns rule drule02

gssm1.example.com(config-gslb-rule[rule-name])# sticky timeout 150

gssm1.example.com(config-gslb-rule[rule-name])#