1748169 Members
4398 Online
108758 Solutions
New Discussion

SA9200 Flash DNS

 
James Mutton
New Member

SA9200 Flash DNS

I'm having a strange problem with Flash DNS. In a very simple config the Flash peers are returning the opposite ip's that they are supposed to for flash load balancing.

Given 2 sites in the following config we get the opposite result as intended.
Site 1: 10.1.0.0/16
SA9200: 10.1.0.1 (HOST SA1)
WebFrm: 10.1.0.2

Site 2: 10.2.0.0/16
SA9200: 10.2.0.1 (HOST SA2)
WebFrm: 10.2.0.2

ISVGroups
Site1 Primary flash: 10.1.0.1
Site1 Service: 10.1.0.2:80

Site2 Primary flash: 10.2.0.1
Site2 Service: 10.2.0.2:80

Domain/Host: www.9200.xyz.com
SiteServices:
site1:10.1.0.2:80
site2:10.2.0.2:80

Site1 is primary
Site2 is secondary
Flash metrics check out good ~ 30 ms between sites
NTP Is configured.

All looks good. My config is as standard as it gets, dummied down from when they were first installed and attempted to move over to flash load balancing mode. I put myself behind a firewall and turn off flash aliasing, so that the firewall will block and log the response to a server that wasn't queried. I can see the firewall block the DNS Response from SA2 which I would expect to contain the ip addresses for SITE2. Unfortunatly I've found that SA1 returns SITE2 Data (the remote site) and SA2 returns SITE1 Data. This is opposite from what one would expect as it would tend to direct the end user to the site FURTHEST away from them.

Our WRR load balancing method was working fine before it seems to only happen in Flash response mode. The result is not consistant either. During different configuration attempts inconsistant results were experienced. We've seen this problem on software versions: 3.1 Patch 2.0 Build D5 & 3.1 Patch 3.0 build D1.

Anyone out there running a pair of SA9200's and been able to get Flash DNS working?
1 REPLY 1
Adam Lavelle
New Member

Re: SA9200 Flash DNS

Well we have been attempting to setup a very simple flash DNS network between two sites as well.

While I haven't yet run into the specific issue you're talking about, we are running into another hard to trace issue.

It appears that a cetain percentage of DNS queries result in a time out. While not consistent, and for reasons I cannot explain any user attempting to connect to the load balanced websites will never get an IP.

Seems to work the majority of the time, and attempts to determine if it is a network issue have come up emptyhanded. From the client, continual pings to both SA9200 result in average of 40ms replies with 0 dropped packets. Pings between the two SA9200's average at 13ms, with 0 dropped packets.

So for whatever reason it seems the 9200 just discards the request.

Searching the net doesn't provide much help, but was interested in hearing other people's stories on how well these actually work. Anyone relying on traffic directors for mission critical websites?