Jump to content
Welcome to our new Citrix community!

GSLB Static Proximity /DNS policy consistency issues


Recommended Posts

Hi,

 

Was looking for some direction to investigate two sets of issues we are seeing in the environment with GSLB decisions

 

To give a background , we have Double Hop Netscaler instances setup in 5 regions with failover to the same site Datacenters (each region has 2 DCs)

 

1) US

2) UK

3) JP

4) IN

5)HK

 

Primary GSLB method is Static proximity servicing only GAteway services 

 

Also have DNS policies and actions configured to groom traffic based on continent / country expressions

 

set locationParameter -q2label Country_Code -q3label Subdivision_1_Name -q4label Subdivision_2_Name -q5label City -matchWildcardtoany YES
add location 1.1.1.0 1.1.1.255 "AS.IN.*.*.*.*"
add location 2.2.2.0 2.2.2.255 "AS.JP.*.*.*.*"
add location 3.3.0.0 3.3.255.255 "NA.*.*.*.*.*"
add location 4.4.0.0 4.4.255.255 "EU.*.*.*.*.*"
add location 5.5.5.0 5.5.5.255 "AS.HK.*.*.*.*"

add dns action DNS_US_LOC GslbPrefLoc -preferredLocList "NA.*.*.*.*.*"
add dns action DNS_AS_LOC GslbPrefLoc -preferredLocList "AS.HK.*.*.*.*"
add dns action DNS_EU_LOC GslbPrefLoc -preferredLocList "EU.*.*.*.*.*"
add dns action DNS_IN_LOC GslbPrefLoc -preferredLocList "AS.IN.*.*.*.*"
add dns action DNS_JP_LOC GslbPrefLoc -preferredLocList "AS.JP.*.*.*.*"

add dns policy DNS_US_PSC_POL "CLIENT.IP.SRC.MATCHES_LOCATION(\"NA.*.*.*.*.*\")" DNS_US_LOC
add dns policy DNS_EU_PSC_POL "CLIENT.IP.SRC.MATCHES_LOCATION(\"EU.*.*.*.*.*\")" DNS_EU_LOC
add dns policy DNS_AS_PSC_POL "CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.HK.*.*.*.*\")||CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.CN.*.*.*.*\")||CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.SG.*.*.*.*\")||CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.TW.*.*.*.*\")||CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.KR.*.*.*.*\")||CLIENT.IP.SRC.MATCHES_LOCATION(\"OC.AU.*.*.*.*\")||CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.TH.*.*.*.*\")||CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.MY.*.*.*.*\")||CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.PH.*.*.*.*\")||CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.ID.*.*.*.*\")||CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.VN.*.*.*.*\")" DNS_AS_LOC
add dns policy DNS_IN_PSC_POL "CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.IN.*.*.*.*\")" DNS_IN_LOC
add dns policy DNS_JP_PSC_POL "CLIENT.IP.SRC.MATCHES_LOCATION(\"AS.JP.*.*.*.*\")" DNS_JP_LOC

bind dns global DNS_US_PSC_POL 90 -gotoPriorityExpression NEXT -type REQ_DEFAULT
bind dns global DNS_EU_PSC_POL 100 -gotoPriorityExpression NEXT -type REQ_DEFAULT
bind dns global DNS_AS_PSC_POL 110 -gotoPriorityExpression NEXT -type REQ_DEFAULT
bind dns global DNS_IN_PSC_POL 120 -gotoPriorityExpression NEXT -type REQ_DEFAULT
bind dns global DNS_JP_PSC_POL 130 -gotoPriorityExpression NEXT -type REQ_DEFAULT

 

GSLB DOmain TTL is set to 5 mins expiry and GSLB server persistence is set to 45 mins

GSLB Method :image.thumb.png.98d31fac590730246a5f83f95a0356cf.pngimage.thumb.png.98d31fac590730246a5f83f95a0356cf.png

 

Issues*

1) While the traffic redirection works 90% there are 10% users who get redirected to an out of site Netscaler , example JP user gets redirected to HK netscaler, a dns flush or browser cache resolves the issue but then comes back after the persistence time expires 

2) The gateway sessions appear to be load balanced 80:20 in each datacenter , ideally the traffic should load balance 50:50 ?


Trace Dumps hasnt revealed much except that IPv6 queries do not receive an IP response which is expected since IPV6 vserver is not configured

 

Would be grateful if could get any suggestions on what may be triggering this behavior and any suggestions on making the GSLB static proximity work 100%?
 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...