The Cisco content services switches (CSSs) employ the Content and Application Peering Protocol (CAPP), which allows the switches to exchange content information. The CAPP session is guaranteed and secure. When combined with the built-in DNS server of the switch, it allows for a powerful automatic global load balancing solution. CAPP ensures that the least loaded site/server is used for requested Web site.
The "foo.com" company has web sites in France and in the United States. They want clients serviced by the site used by that clients DNS-proxy server for the DNS lookup. It is hoped that the DNS-proxy servers in the US will select the CSS in the US for their DNS queries, and the DNS-proxy servers in France will use the CSS in France for their DNS queries. DNS-proxy servers in other locations would hopefully use the CSS that is closest to them. There is no requirement for DNS-proxy servers to use the nearest Name Server when they receive a list of NS records for a domain. If either site's servers go down, the clients are forwarded to the other site.
You can view the DNS server information with the show dns-server stats command and show dns-server dbase command to see the entries in the host table. The show app commands give information on the sessions established between the switches. Showing the rules on either switch (show rule-summary command) reveals that each switch has shared information about its local rules with its peer. These rules show up as "rule_name@remote_switch." You can even use the secure connection to issue a command line interface (CLI) command on the remote switch. For example, to see the rule on the other switch use the rcmd remote_addr show rule-summary command.To balance the traffic strictly based on the the "load" at each site, you would want to omit the command dnsbalance preferlocal from both configs. This will allow even load balancing, but will result in some users reaching a "distant" site. Please note that some browsers will make a new DNS query every 30 minutes regardless of the recent web-browser activity.
App Session Information 'no hostname': Session ID: 836d2040 IP Address: 192.168.1.254 State: APP_SESSION_UPVerify that all the services attached to the two switches are up using the show service summary command. There is an additional "service" that was learned from the remote switch. The service with the "@" is actually the collection of services on that remote switch.
Service Name State Conn Weight Avg State Load Transitions FrSrvr1 Alive 0 1 2 16 FrSrvr2 Alive 0 1 2 16 WebServers@192.168.1.100 Alive 0 1 2 0The show dns-server stats command shows the resolutions that were sent to the local Virtual IP (VIP) and the remote VIP.
DNS Server SCM database Statistics: DNS Name: Content Name: Location: Resolve Local: Remote: ---------------------------------------------------------------------------- css-france HOST TABLE 10.1.1.254 0 0 www.foo.com WebServers 10.1.1.100 9 @192.168.1.100 4
Repeat using the US switch's console. The host table shows the resolution from its standpoint. Point the web browser to www.foo.com using the French client. It will resolve to the local VIP. Unplug (or suspend) all the servers on the French CSS. Click on a link on the page. The CSS has redirected the browser seamlessly to a server on the remote CSS. Reconnect the French CSS. You continue to stay on the US CSS maintaining state. If you open a new browser session (or re-enter the URL), the CSS binds to a French server. Disconnect the servers on the French CSS. Issue a monitor show summary command on the French CSS CLI. Use a web stressing application (for example, MS Web Application Stress) to hit the site www.foo.com. Reconnect the French servers. Note the CSS verifies the servers are back online using the HTTP keepalive. Once they are up, it load balances over the French servers and stops sending the clients to the US CSS.
Global Bypass Counters: No Rule Bypass Count: 7186 Acl Bypass Count: 0 Owner Content Rules State Services Service Hits foo.com WebServers Active FrSrvr1 14973 FrSrvr2 14972 WebServers@192.1 7165
The Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers.
Refer to Cisco Technical Tips Conventions for information on conventions used in this document.