Jump to content
Welcome to our new Citrix community!

Confused with "DNS Action" and "DNS View"


Recommended Posts

I don't quite understand what the "DNS action" is for,  such as the following example,   Dependent on the customers from different subnets, to give them a different IP address, 

 

Requirement
  User A on subnet 10.60.0.0 requests for www.TEST.com and netscaler GSLB returns 10.60.100.100
  User B on subnet 10.50.0.0 requests for www.TEST.com and netscaler GSLB returns 10.50.100.100

 

Standard configuration with DNS Action:
  add dns view Test_View
  add dns action Test_Action ViewName -viewName  Test_View
  add dns policy Test_polciy "CLIENT.IP.SRC.EQ(10.60.0.0)" Test_Action
  bind gslb service Test_service -viewName Test_View 10.60.100.100

Repeat the same for the other service.

 

 


My configuration without DNS Action:   (I think it can be without using "DNS Action")
  add dns view Test_View
  add dns policy Test_polciy "CLIENT.IP.SRC.EQ(10.64.0.0)" -viewName Test_View 
  bind gslb service Test_service -viewName Test_View 10.60.100.100
  bind dns global Test_View 3000

 

 

Is there a problem with my configuration?    How do I use the "dns acton" and "dns view"?    

 

Thanks a lot!!

Link to comment
Share on other sites

 

https://support.citrix.com/article/CTX127590 - example of dns views for gslb

https://support.citrix.com/article/CTX207198 - example of dns action alongside dns load balancing

 

Kind of the simplest explanation is that DNS Views represent a specific type of dns action in a policy and is used to identify which dns response to return based on the client ip. So when used with GSLB or a DNS Proxy (DNS load balancing) you could have one entity serving both LAN and WAN views.

 

A DNS action is specifically used to provide a specific type of dns response such as DROP or CacheByPass.  This way you can also use dns policies (expressions) to identify certain conditions to trigger a DROP for certain dns requests (such as if request comes from blacklist) or a dns cache bypass to selectively avoid certain dns cache lookups.  This would more often be used with dns policies associated with dns lb vservers/dns proxy configs.  But it can also point to VIEW.  DNS Actions:  ViewName, GslbPrefLoc, noop, Drop, Cache_Bypass, Rewrite_Response

 

I can't recall for sure, but its possible we had dns view support before we had the rest of the granular dns policy actions.  And the policy actions allow for more granular control of certain types of dns requests/response handling.  And DNS views are specifically to use the policy expression to identify subnet of interest and control the dns responses provided. 

 

As the capabilities expanded, they allowed you to work with with the dns policy as a view-based policy or an action-based policy that could reference a view or other things.

 

Bottom line, the dns policy can trigger two different categories of actions: view-based or action-based. 

And yes you can point the policy to the view directly or make it like other policy features and point the policy to the action and the action does the view.  

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...