Basic Global Server Load Balancing Site

Redundancy Using the CSS with DNS

Document ID: 25837

Contents
Introduction
Prerequisites
Requirements
Components Used
Conventions
Background Information
Configure
Network Diagram
Configurations
Verify
Troubleshoot
Related Information
Introduction
This document describes how to create a backup/failover server farm using an extra single or redundant pair
of Content Services Switches (CSS) in a remote location. This is helpful in situations where a CSS in a
secondary data−center is available but only desired as a back−up in the event of a total failure in the primary
site.

This document can also be used to help configure two site Global Server Load Balancing (GSLB) by omitting
the access control list (ACL) on the secondary CSS.

Prerequisites
Requirements
Implementing this configuration requires knowledge of Domain Name System (DNS) administration and
administrative access to the DNS server authoritative for the domain used. The only non−CSS configuration
required is two NS records, a primary and secondary, with one pointing to the primary CSS' circuit VLAN
address and the other to the secondary.

Components Used
This configuration was developed and tested using the software and hardware versions below.

• CSS 11800 (West Coast Site)

• CSS 11050 (East Coast Site)
• Web NS version 5.0

The information in this document was created from the devices in a specific lab environment. All of the
devices used in this document started with a cleared (default) configuration. If your network is live, make sure
that you understand the potential impact of any command.
Conventions
For more information on document conventions, see the Cisco Technical Tips Conventions.

Background Information
An application session is configured between two CSS switches in two different geographic locations. There
is no requirement for a point−to−point link joining the sites; the only requirement is that the two sites can
route to each other.

Using the CSS switches DNS capability, a higher level DNS server (in this example, the one authoritative for
yourdomain.com) will be configured to use both CSS' circuit VLAN address as NS records for a sub−domain
called www.yourdomain.com. Whichever CSS is referred to by the higher level DNS server will then resolve
that a record request with the IP address of the DNS content rule on the CSS.

The primary site will be preferred through a combination of using an ACL on the secondary CSS, an
application session between the two CSS switches, and configuring the above mentioned NS records on the
higher−level DNS server.

Configure
In this section, you are presented with the information to configure the features described in this document.

Network Diagram
This document uses the network setup shown in the diagram below.

Configurations
This document uses the configurations shown below.

• West Coast Site (Primary)

• East Coast Site (Backup)
 West Coast Site (Primary)
!*************************** GLOBAL ***************************

app
app session 192.168.2.1

!−−− Configures the app session to the remote CSS; remote service
!−−− and DNS info is shared through here.

ip route 0.0.0.0 0.0.0.0 192.168.1.50

!************************* INTERFACE *************************
interface 3/2
bridge vlan 2

!************************** CIRCUIT **************************

circuit VLAN1
ip address 192.168.1.1 255.255.255.0

circuit VLAN2
ip address 10.1.1.1 255.255.255.0

!************************** SERVICE **************************

service primary1
ip address 10.1.1.2
active

service primary2
ip address 10.1.1.3
active

service primary3
ip address 10.1.1.4
active

service promary4
ip address 10.1.1.5
active
!*************************** OWNER ***************************
owner GSLB
dns both

!−−− This states that there is a remote CSS authoritative for the same domain.

content WWW
vip address 192.168.1.2
add service primary1
add service primary2
add service primary3
add service primary4
add dns www.yourdomain.com

!−−− This tells the CSS to resolve requests for this domain to this VIP.

dns preferlocal
!−−− If the request first hits this site, then always prefer this site and not
!−−− the remote CSS authoritative for this domain.

active

East Coast Site (Backup)

!*************************** GLOBAL ***************************

app
app session 192.168.1.1

!−−− Configures the app session to the remote CSS; remote service
!−−− and DNS info and is shared through here.

ip route 0.0.0.0 0.0.0.0 192.168.2.50

!************************* INTERFACE *************************
interface 3/1
bridge vlan 2

!************************** CIRCUIT **************************

circuit VLAN1
ip address 192.168.2.1 255.255.255.0

circuit VLAN2
ip address 10.1.1.1 255.255.255.0

!************************** SERVICE **************************

service backup1
ip address 10.1.1.2
active

service backup2
ip address 10.1.1.3
active
service hacked_redirect

!−−− This probe checks if the primary site is up.

ip address 192.168.1.2
keepalive type http

!*************************** OWNER ***************************

Owner GSLB
dns both

!−−− This states that there is a remote CSS authoritative for the same domain.

content WWW
add dns www.yourdomain.com
vip address 192.168.2.2
add service backup1
add service backup2

acl 1
!−−− If the primary site is up, then this ACL will tell requests
!−−− landing on this site to prefer the West Coast site.

clause 10 permit any any destination content owner_backup/WWW−backup prefer hacked_redirectt

clause 99 permit any any destination any
apply circuit−(VLAN1)
apply dns

acl 5
clause 10 permit any any destination any
apply all

Verify
There is currently no verification procedure available for this configuration.

Troubleshoot
There is currently no specific troubleshooting information available for this configuration.

Related Information
• Sticky Global Load Balancing on the CSS 11000 Configuration Example
• Cisco Content Services Switch
• Configuring the DNS Sticky Feature
• Application Networking Services Support Resource
• Software Download for WebNS CSS11000 Software ( registered customers only)

Contacts & Feedback | Help | Site Map

© 2009 − 2010 Cisco Systems, Inc. All rights reserved. Terms & Conditions | Privacy Statement | Cookie Policy | Trademarks of
Cisco Systems, Inc.

Updated: Jan 30, 2006 Document ID: 25837