-
Cisco GSS CLI-Based Global Server Load-Balancing Configuration Guide (Software Version 3.1)
-
Index
-
Preface
-
Introducing the Global Site Selector
-
Configuring Resources
-
Configuring Source Address Lists
-
Configuring Domain Lists
-
Configuring Keepalives
-
Configuring Answers and Answer Groups
-
Building and Modifying DNS Rules
-
Configuring DNS Sticky
-
Configuring the Network Proximity
-
Configuring DDoS Prevention
-
Configuring and Playing GSLB Configuration Files
-
Displaying Global Server Load-Balancing Configuration Information
-
Displaying GSS Global Server Load-Balancing Statistics
-
Primary GSSM Global Server Load-Balancing Error Messages
-
Sticky and Proximity XML Schema Files
-
Glossary
-
Table Of Contents
Configuring Source Address Lists
Logging in to the CLI and Enabling Privileged EXEC Mode
Configuring Source Address Lists
Displaying Source Address List Information
Configuring Source Address Lists
This chapter describes how to configure DNS request handling on your GSS network by defining the IP addresses from which requests are sent to the GSS. Configure GSS request handling by creating source address lists and collections of IP addresses for known client DNS proxies (or D-proxies).
Note
The deployment of source address lists is an optional process. A default source address list, named Anywhere, is supplied with the GSS software and matches any request for a domain.
By using the source address lists feature, you can enter one or more IP addresses, with a maximum of 30 addresses for each list, to represent the DNS proxies from which requests originate. Each GSS supports a maximum of 60 source address lists.
This chapter contains the following major sections:
•
•
•
Logging in to the CLI and Enabling Privileged EXEC Mode
Note
To log in to the primary GSSM and enable privileged EXEC mode at the CLI, perform the following steps:
1.
If you are using a direct serial connection between your terminal and the GSSM, use a terminal emulation program to access the CLI. For details about making a direct connection to the GSS device using a dedicated terminal and about establishing a remote connection using SSH or Telnet, see the Cisco Global Site Selector Getting Started Guide.
2.
gssm1.example.com>3.
gssm1.example.com> enablegssm1.example.com#If you are accessing the GSS remotely using Telnet or SSH, the CLI prompts you for the enable password. The default password is default. For more information about the enable password and configuring a new password, see the Cisco Global Site Selector Getting Started Guide.
The prompt changes from the user-level EXEC right angle bracket (>) prompt to the privileged-level EXEC pound sign (#).
Configuring Source Address Lists
You configure a source address list by using the source-address-list command in global server load-balancing configuration mode.
The syntax of this command is as follows:
source-address-list name owner name [comments text]
The keywords and arguments for this command are as follows:
•
•
•
After you enter the source-address-list command, the prompt changes to the source address list mode, where you specify IP addresses of the client DNS proxies. To enter multiple addresses, repeat the ip address command. You can enter a maximum of 60 addresses for each list, including the default list. With the default list, you cannot add any addresses because it is not user-configurable.
For example, to create a source address list named WEB-GLOBAL-LISTS and add two IP addresses and subnet masks to the list, enter:
gssm1.example.com# configgssm1.example.com(config)# gslbgssm1.example.com(config-gslb)# source-address-list WEB-GLOBAL-LISTS owner WEB-SERVICES comments "GLOBAL ALIST FOR ECOMMERCE"gssm1.example.com(config-gslb-sal)# ip address 1024 172.27.16.4 255.255.255.0gssm1.example.com(config-gslb-sal)# ip address 1024 172.27.28.4 255.255.255.0If you need to delete a source address list, first verify that none of your DNS rules reference the source address list that you want to delete. You cannot delete source address lists associated with an existing DNS rule. If necessary, remove the source address list from the DNS rule. See Chapter 7, Building and Modifying DNS Rules, for information about modifying a DNS rule.
Caution
To delete a source address list, perform the following steps:
1.
2.
To display source address lists and delete a source address list, enter:
gssm1.example.com(config-gslb)# show gslb-config source-address-listsource-address-list WEB-GLOBAL-LISTS owner WEB-SERVICESip address 192.168.1.0/24source-address-list sal2 owner WEB-SERVICESip address 192.168.100.0/24source-address-list Anywhere owner Systemip address 0.0.0.0/0gssm1.example.com(config-gslb)# no source-address-list WEB-GLOBAL-LISTSgssm1.example.com(config-gslb)#To delete an IP address that is included in the source address list GLOBAL-SERVICE-LISTS, enter:
gssm1.example.com(config-gslb)# source-address-list GLOBAL-SERVICE-LISTSgssm1.example.com(config-gslb-sal)# no ip address 1024 172.27.16.4 255.255.255.0gssm1.example.com(config-gslb-sal)#Displaying Source Address List Information
You use the show gslb-config source-address-list command to display information about the source address lists currently configured for the GSS.
For example, to display previously created source address lists, enter:
gssm1.example.com(config-gslb)# show gslb-config source-address-listsource-address-list sal1 owner E-COMMERCEip address 192.168.1.0/24source-address-list sal2 owner WEB-SERVICESip address 192.168.100.0/24source-address-list sal3 owner SECURITYip address 192.168.150.0/24source-address-list Anywhere owner Systemip address 0.0.0.0/0gssm1.example.com(config-gslb)#Where to Go Next
Chapter 4, Configuring Domain Lists, describes the creation of domain lists. Domain lists are collections of domain names for Internet or intranet resources, sometimes referred to as hosted domains, that have been delegated to the GSS for DNS query responses.
