This section shows all the settings available for the current GSLB farm, categorized into three tabs: Global, Services, and Zones. Every change in this section must be applied by clicking the Update button.
Global Settings for GSLB Farms
This section shows the options configured during farm creation:
Name. The identification field and description for the virtual service. It is only editable while the GSLB farm is down. Ensure that the new farm name is available; otherwise an error message will appear.
Virtual IP and Port. IP address and port used by the GSLB service. To make changes in these fields, ensure that the new virtual IP and virtual port are not in use. The service must be restarted to apply the changes.
The restart can also be done manually using the Actions if needed. Note the buttons in the upper right corner provided for that purpose:
These two icons let you restart (the small curved arrows) or start/stop the farm (the green triangle or square).
The Status is shown by means of colored bullets as follows:
- Green: Means UP. Farm is running and all backends are UP.
- Red: Means DOWN. Farm is stopped.
- Orange: Means RESTART NEEDED. There are recent changes that need a farm restart to be applied.
- Black: Means CRITICAL. The farm is UP but there is no backend available or they are in maintenance mode.
- Blue: Means PROBLEM. Farm is running but at least one backend is down.
- Yellow: Means MAINTENANCE. Farm is running but at least one backend is in maintenance mode.
These color codes are the same throughout the graphical user interface. They are explained in more detail in the LSLB Farms section.
Services Section in GSLB Farms
Adding a New Service will require:
Service Name. Short description of the new service.
Algorithm. Select the scheduling method that you prefer for this new service.
- Round Robin: equal sharing. An equal balance of traffic to all active real servers. For every incoming connection, the balancer assigns the next round robin real server to deliver the request.
- Priority: connections always go to the highest-priority available server. All connections are balanced to the same highest-priority server. If this server is down, the connections switch to the next highest-priority server. With this algorithm, you can build an Active-Passive cluster service with several real servers.
Once the new service is created, the GSLB farm must be restarted.
Round Robin Services in GSLB Farms
The GSLB Round Robin service will allow sharing the requests equally between all the backends at DNS level.
Priority Services in GSLB Farms
The GSLB Priority service will allow creating a global DNS clustering service at domain name level.
The Priority services offer the same configuration options as the Round Robin services, but only allow 2 backends to be configured in order to create a cluster. By default, the local IP address 127.0.0.1 is configured, and it should be replaced with the real servers' IP addresses.
The configuration options of both service types are shown below:
Default TCP port health check. This is the TCP port that the service checks in order to determine that the backend service is alive. An empty value means the check is disabled.
Health checks for backends performed by Farm Guardian are an optional advanced feature. Even if you do not enable it, a simple check will be performed every 5 seconds to monitor the backend health.
Built-in or customized advanced health checks can be assigned to this service from the Farm Guardian checks already created.
For further information about Farm Guardian go to the Monitoring >> Farm Guardian section.
Finally, to apply these changes, click the green Update button; a confirmation message will appear at the bottom left corner of the browser.
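A minimal model of how the Round Robin and Priority algorithms and the default TCP port health check described above combine into a DNS answer, added here as an example and not the load balancer's own code. The `GslbService` class, the injectable `probe`, the ordering of backends by priority and the behaviour when no backend is up are assumptions made for the illustration.

```python
import socket
from itertools import count


def tcp_alive(ip, port, timeout=2.0):
    """Default probe: the backend is alive if its health-check TCP port accepts a connection."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


class GslbService:
    """Hypothetical model of one GSLB service; backends are listed in priority order."""

    def __init__(self, algorithm, backends, check_port=None, probe=tcp_alive):
        if algorithm not in ("roundrobin", "priority"):
            raise ValueError(f"unknown algorithm: {algorithm}")
        if not backends:
            raise ValueError("at least 1 backend must be configured")
        if algorithm == "priority" and len(backends) > 2:
            raise ValueError("a priority service allows only 2 backends")
        self.algorithm = algorithm
        self.backends = list(backends)
        self.check_port = check_port
        self.probe = probe
        self._turn = count()

    def alive(self):
        """Backends that currently pass the TCP health check."""
        if self.check_port is None:
            # Assumption: with the check port left empty, every backend counts as up.
            return list(self.backends)
        return [ip for ip in self.backends if self.probe(ip, self.check_port)]

    def answer(self):
        """IP that a DNS query for this service resolves to, or None if nothing is up."""
        up = self.alive()
        if not up:
            return None  # Assumption: the model gives no answer when all backends fail.
        if self.algorithm == "priority":
            return up[0]  # Active-passive: the second backend only answers on failover.
        return up[next(self._turn) % len(up)]  # Equal sharing among live backends.


if __name__ == "__main__":
    # Constructed demo: documentation-range IPs and a fake probe, so nothing is contacted.
    down = {"192.0.2.10"}
    svc = GslbService("priority", ["192.0.2.10", "198.51.100.10"], 443,
                      probe=lambda ip, port: ip not in down)
    print(svc.answer())
```
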
Regarding the Backends section, at least 1 backend should be configured. By default, the 127.0.0.1 local IP address is configured, but it must be changed to the backends that host the real application.
GSLB farms allow the following real server properties to be configured:
ID. The index that references the backend in the farm configuration.
ALIAS. Backend alias if any alias was defined for the backend.
IP. The IP address of the given backend. If you have selected an alias, this field is not editable; change the alias field instead. If you have selected ‘Custom IP’ in the alias field, this field is editable so you can enter the desired IP.
ACTION. The backends of a priority service have no available actions. For the round-robin service, the available actions per backend are:
- Delete. Delete the given real server from the virtual service. The alias is not deleted. The first backend cannot be deleted.
- Save. Save the new real server entry in the given service and start using it.
- Cancel. Cancel the new real server entry.
Through the Actions menu button the following actions are available for the selected backends:
- Add Backend. This option opens the backend addition form.
- Delete the selected backends.
In addition, you can modify a previously added backend. Hover the mouse pointer over the fields to see which are editable, and click a field to edit it. The modification is sent when you press the Enter key or when the field loses focus.
Zones of GSLB Farms
A GSLB Zone describes the DNS domain name, subdomains, aliases, etc., which are needed to generate a complete DNS zone with additional load balancing records using the services defined as described above.
Once a new Zone is created for a certain domain, some configuration options are available and they’re detailed below.
Default Name Server. This will be the entry point root name server that will be available as the Start Of Authority (SOA) DNS record. By default ns1 will be set.
Zone Resources Configuration
Every Zone requires Resources to be created in order to configure the dynamic DNS:
ID. Resource identification number.
RESOURCE NAME. The resource name of the DNS entry.
TTL. The (optional) Time to Live value for the current record, which determines how long the current name will be cached.
TYPE. DNS record type. The options are:
- NS. Name Server type record, it delegates a DNS zone to use the given authoritative name servers.
- A. Address type record, it returns an IPv4 address of a host.
- CNAME. Canonical name type record, it represents an alias of a given name.
- Services. Dynamic address type record, it returns a dynamic address specified by a Service already created within the farm configuration according to the algorithm selected for such service.
The Services type behaves a little differently with regard to TTL. TTL fields have a syntax extension and slightly different meanings than the TTL field of a traditional, fixed RR. The traditional format for DYNA/DYNC TTLs is MAX[/MIN], with MIN defaulting to half of MAX if not specified explicitly. In our case, it is not possible to define the MIN, so it will always be half of the MAX specified.
- AAAA. Address type record, it returns an IPv6 address of a host.
- MX. Mail exchange type record maps a domain name to a list of message transfer agents for that domain.
- SRV. Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX.
- TXT. Text type record, it is used to store any text-based information that can be grabbed when necessary. We most commonly see TXT records used to hold SPF data and verify domain ownership.
- PTR. Pointer record, pointer to a canonical name. Unlike a CNAME, DNS processing stops and just the name is returned. The most common use is for implementing reverse DNS lookups.
- NAPTR. Naming Authority Pointer. Allows regular-expression-based rewriting of domain names, which can then be used as URIs, further domain names for lookups, etc.
RDATA. The actual data needed by the record type. The input value depends on the kind of Resource Name; the following example shows the different kinds of Resource Names and the allowed RDATA values for each one.
- Add Resource. Create a new resource record for a certain zone.
- Edit. Modify a certain resource value and apply.
- Delete. Delete a resource record for a certain zone.
This section lets you enable IPDS rules. The list shows different types of protection and a select box to enable them. For further information, please go to the IPDS Black List, IPDS DoS or IPDS RBL specific documentation.
For each of the three types of IPDS rules (Blacklist, DoS and RBL), there is a summary table which shows the following fields:
- RULE NAME. Name of your rule.
- STATUS. It shows whether the rule is active (up) or not (stopped).
- ACTIONS. This button lets you interact with your rules. Possible actions are explained below.
The available Actions to be applied by the IPDS rules to the farm are:
- Add rule. Create and assign a new rule to the farm.
- Unset. Unassign the IPDS rule from the farm.
- Enable Rules. Activate the selected IPDS rules for the given farm.
- Disable Rules. Deactivate the selected IPDS rules for the given farm.
Once you add a new IPDS rule, select from the list the rule(s) you would like to apply (multiple selection is possible).
After selecting the rule to be applied, your new rule appears associated with the farm. Initially the rule Status is Down. To activate the rule, press the green play icon under the Actions column. A message will announce that the rule is activated.
Next step, check out the Stats and Graphs.