[f-nsp] GSLB

Torrez,Jon Jon_Torrez at securecomputing.com
Thu Jul 3 14:28:14 EDT 2008 

Hah, sorry =] below is the policy config and additional information that is
pertinent.

 

Ok, so this is everything except the gslb site and gslb dns config data.

 

Please note, for this installation we have a total of four GSLB controllers
and four Server Iron 350s.

 

Two sites have two GSLB controllers configured in the active/standby option.

 

Two different sites from the GSLB sites have server irons, with each site
configured with symmetric active/active reporting to the GSLB controllers.

 

Each SI has the GSLB self-and-peer option.

 

-jon

 

gslb protocol

gslb active-rtt-gathering

gslb dns-probe enable-fallback

gslb policy

 metric-order set preference health-check round-trip-time

 round-trip-time tolerance 2

 round-trip-time cache-interval 86400

 round-robin

 dns ttl 60

 dns active-only

 dns override

 dns cache-proxy

 

From: dtemkin at yahoo.com [mailto:dtemkin at yahoo.com] 
Sent: Thursday, July 03, 2008 2:16 PM
To: Torrez,Jon; foundry-nsp at puck.nether.net
Subject: Re: [f-nsp] GSLB

 

Jon,

Can you also give me the gslb policy section of your running config?

-Dave

----- Original Message ----
From: "Torrez,Jon" <Jon_Torrez at securecomputing.com>
To: dtemkin at yahoo.com; foundry-nsp at puck.nether.net
Sent: Thursday, July 3, 2008 10:29:25 AM
Subject: RE: [f-nsp] GSLB

Hey Dave.


Here you go.

 

#show gslb policy

 

  Default metric order: DISABLE

  Metric processing order:

                1-Server health check

                2-Round trip time between remote SI and client

                3-Round-robin selection

 

 

  DNS active-only: ENABLE   DNS best-only: DISABLE  DNS override: ENABLE

  DNS cache-proxy: ENABLE   DNS transparent-intercept: DISABLE

  DNS cname-detect: DISABLE  Modify DNS response TTL: ENABLE

  DNS TTL: 60 (sec), DNS check interval: 30 (sec)

  Remote SI status update period: 30 (sec)

  Remote SI health-status update period: 5 (sec)

  Session capacity threshold: 90%  Session availability tolerance: 10%

  Round trip time tolerance: 2%, round trip time explore percentage: 5%

  Round trip time cache prefix: 20, round trip time cache interval: 86400
(sec)

  Round trip time cache age refresh: DISABLE

  Round trip time algorithm selection:  USE PASSIVE ONLY

  Connection load: DISABLE

  Weighted Site Metric: DISABLE     Weighted IP Metric: DISABLE

  Active Bindings Metric: DISABLE

  Weighted selection: DISABLE

  persistent hashing rehash disabled: DISABLE

  sticky: DISABLE

 

From: dtemkin at yahoo.com [mailto:dtemkin at yahoo..com] 
Sent: Thursday, July 03, 2008 12:59 PM
To: Torrez,Jon; foundry-nsp at puck.nether.net
Subject: Re: [f-nsp] GSLB

 

Jon,

Can you provide a snapshot of your "gslb policy"?

-Dave

----- Original Message ----
From: "Torrez,Jon" <Jon_Torrez at securecomputing.com>
To: foundry-nsp at puck.nether.net
Sent: Thursday, July 3, 2008 6:38:45 AM
Subject: [f-nsp] GSLB

Anyone out there using GSLB with A-RTT as the secondary metric (first being
health check of course) and the tie breaker being round robin.

 

I have a GSLB enabled under those settings and when the TTL times out for
the initial answer the other site is issued as the answer for the next time
around, aka "flip flopping".

 

Both sites are in N-AM.

 

I would expect the flip flopping if the A-RTT data were equal but it is not.

 

Any additional details info needed to understand the situation please ask.

 

Thanks all.

 

 

-jon

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20080703/2ea5feba/attachment.html>

More information about the foundry-nsp mailing list