Forum Discussion

Michal_Cz_17502's avatar
Michal_Cz_17502
Icon for Nimbostratus rankNimbostratus
Oct 24, 2014

DNS persistence for clients from the same network subnet

hello,

 

I've DNS VIP created for simple load balancing across multiple Microsoft AD integrated DNS servers, by just using round robin.

 

I've new requirement to be meet which would create persistence for a user session. All users would be connecting to DNS VIP from the same subnet. I've attached a diagram how it should look (all DNS should be used actively).

 

Now the question is, is this achievable at all? if so, would iRule be the way?

 

Thank you in advance for all responses.

 

 

application delivery
devops
iRules

4 Replies

Sort By
  • Ed_Summers's avatar
    Ed_Summers
    Icon for Nimbostratus rankNimbostratus
    Oct 24, 2014

    Is the requirement for a specific AD user account, or will persistence based on the source IP address suffice?

     

    Edit to clarify - if source IP is fine, just add a source address persistence profile with an appropriate mask, like /32. Unless you set the persistence timeout to 'indefinite' a user (IP address) could eventually be re-balanced to a new DNS server, just be careful of the number of persistence records it will generate/maintain.

     

    -Ed

     

  • Michal_Cz_17502's avatar
    Michal_Cz_17502
    Icon for Nimbostratus rankNimbostratus
    Oct 27, 2014

    thanks for your feedback Ed.

     

    Would it be possible to do this by source mac address? Clients connecting from that subnet are constantly changing ip addresses (dhcp clients with short lease times).

     

    The clients are ok to re-balance to new DNS server after 1 hour.

     

    • Andrew_Husking's avatar
      Andrew_Husking
      Icon for Cirrus rankCirrus
      Oct 29, 2014
      In your example, if you set the subnet mask in the persistence profile to be 255.255.0.0 then everyone in 10.3.x.x would get the same server
    • Michal_Cz_17502's avatar
      Michal_Cz_17502
      Icon for Nimbostratus rankNimbostratus
      Oct 29, 2014
      that's what i want to avoid. The example/diagram shows desired configuration, where each client connecting from same subnet will be redirected to different DNS server and stick with it for at least 1 hour.