Reg123 GSLB


Hi All

I am currently testing two Kemp devices which I would like to move forward to purchase

but until I get over this last hurdle I cannot commit - so I really need some help - I do have a support ticket open already but maybe I need some customer examples to understand

I am only caring about external connections to websites as internally I have this running correctly

Users need to access site: test.abc.com

Please note if I point the A record directly to 5.5.5.5 or 6.6.6.6 the site works as expected

Site A

Public IP 5.5.5.5

Palo NAT to internal 172.25.48.26 (IIS VIP)

management: 172.25.48.20

back end load balanced between two web servers - working successfully

Site B

Public 6.6.6.6

Palo NAT to internal 172.25.52.26 (IIS VIP)

management: 172.25.52.20

back end load balanced between two web servers - working successfully

Web registrar is reg123

The issue I am having is the domain abc.com is already being used to serve data to other services so I cannot change the nameserver for this domain without affecting large portions of the business

So what I have is a second domain called xyz.com which is a new creation

xyz.com

nameservers: 6.6.6.6, 8.8.8.8

 

Now if I go to test.abc.com and change this to a CNAME of test.xyz.com it should forward to xyz.com and hit the Kemp devices

This is actually happening - I see the port 53 traffic incoming

I changed my web servers to allow access on both hostnames test.abc.com and test.xyz.com to ensure one of these services is hit

But I am getting no joy - when running a diag the Wireshark results show as refused

38 5.410754 88.82.13.58 172.25.48.20 DNS 89 Standard query 0x9dfc A test.xyz.com
39 5.411077 172.25.48.20 88.82.13.58 DNS 89 Standard query response 0x9dfc Refused A test.xyz.com

 

So it looks like the CNAME is working correctly, so it changes from test.abc.com to test.xyz.com, but I don't understand the refused

Because I have never used GSLB before I am trying to get it how I expect it to work possibly compared to how it should work

Just to add, if I directly browse test.xyz.com it also does not work

1 comment

Mark Deegan

Hello Jake,

The DNS delegation for test.xyz.com must be to the GEO devices.

Create 2 new A records in xyz.com

A Geo1.xyz.com

A Geo2.xyz.com

These will be your DNS servers for the zone

Create a delegation for the zone test.xyz.com and when asked for name servers for this zone choose the geo1 and geo2 records.

Create an FQDN on your GEO LM for the A record test.xyz.com and add the VIP address for the FQDN

This should then work

Regards

Mark
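
One way to verify the delegation described in this thread is to query each GEO name server directly and read the reply header: RCODE 5 (REFUSED, as in the capture) against an authoritative answer with the AA flag set. This is an added example, not code from the thread or from Kemp; the function names are hypothetical and the sample packets are constructed from the names and addresses in the post.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x9DFC):
    """Non-recursive A query, as a resolver sends to an authoritative server."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def parse_header(msg):
    """Decode the DNS header fields that matter for a delegation check."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    qid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    rcode = flags & 0x000F
    return {"id": qid, "response": bool(flags & 0x8000),
            "aa": bool(flags & 0x0400), "answers": an,
            "rcode": RCODES.get(rcode, str(rcode))}

def diagnose(hdr):
    """Turn a reply header into a verdict on the name server being tested."""
    if not hdr["response"]:
        return "not a DNS response"
    if hdr["rcode"] == "REFUSED":
        return "refused: server is reachable but will not answer for this name"
    if hdr["rcode"] == "NOERROR" and hdr["aa"] and hdr["answers"] > 0:
        return "ok: authoritative answer returned"
    return "check config: rcode={rcode} aa={aa} answers={answers}".format(**hdr)

def check(name, server, timeout=3.0):
    """Send the query to one name server over UDP/53 and diagnose its reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        reply, _ = s.recvfrom(512)
    return diagnose(parse_header(reply))

# Constructed samples, not captured traffic. REFUSED reply: QR=1, RCODE=5, no answers.
_Q = build_query("test.xyz.com")
SAMPLE_REFUSED = _Q[:2] + struct.pack("!H", 0x8005) + _Q[4:]
# Authoritative reply: QR=1, AA=1, one A record (5.5.5.5 is the post's Site A address).
SAMPLE_OK = (_Q[:2] + struct.pack("!HHHHH", 0x8400, 1, 1, 0, 0) + _Q[12:]
             + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 10, 4) + bytes([5, 5, 5, 5]))

if __name__ == "__main__":
    for sample in (SAMPLE_REFUSED, SAMPLE_OK):
        print(diagnose(parse_header(sample)))
```

Once the geo1 and geo2 records and the FQDN exist, `check("test.xyz.com", <public address of each GEO device>)` should return the "ok" verdict from both before the CNAME on test.abc.com is relied on.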