How to Configure GSLB Setup for Internal Users From GUI

Article ID: CTX130163

Description

This article contains information about how to configure a GSLB setup for internal users using the same host name.
In some scenarios, the administrator requires that all external users (coming in over the Internet) go through the Citrix Gateway using a public or external IP address, whereas internal users within the domain can log in to StoreFront directly using an internal IP address.

NOTE:

It is not necessary to create an explicit external view for external users, because NetScaler by default returns the public or external IP address for DNS requests.

Requirements

A NetScaler appliance configured with GSLB basic setup. You must configure the following in the basic GSLB setup:

  • One remote and/or local GSLB virtual server

  • Two GSLB services, one local and the other remote service, or both local services

  • The services are bound to the GSLB virtual server and the DNS domain is bound to the GSLB virtual server

Background

This solution is implemented with DNS views.
The policies associated with DNS views can be configured to return different views or IP addresses depending on network attributes such as interface, IP (LDNS), and port.

Instructions

 To configure a GSLB setup for internal and external users using the same host name, complete the following steps:

  1. Expand the DNS node in the configuration utility of a NetScaler appliance. DNS is located under the Traffic Management node.

  2. Select the Views node.

  3. Click Add.

  4. Enter the name for the DNS View in the Create DNS View dialog box.

  5. Click Create.

  6. Select the Policies node.

  7. Click Add.

  8. Give the policy a name and click + next to Action.
    Under Action, select the type "View Name" and select the DNS View created in the preceding steps.
    Type the required expression in the Expression field.
    Note: In this case, 10.217.146.85 is the LDNS IP address from which internal DNS lookups are done.

  9. Bind the GSLB Service with the DNS Policy created above.
    Navigate to Traffic Management > GSLB > Services, click the required service, click Edit, and then choose the DNS View option. Bind the DNS View to the GSLB Service. In this example, the GSLB Service GSLB-Service-SITE01 is associated with 10.107.198.180, the local or internal IP address.

  10. The GSLB service GSLB-Service-Site02 is associated with 10.108.198.180, the local or internal IP address.

    Note:

    • GSLB-Service-Site01 and GSLB-Service-Site02 are the GSLB Service names. Ideally, they are one service from the remote site and one from the local site.

    • The local IP addresses, 10.107.198.180 and 10.108.198.180, must be typed in manually at the GSLB Service level when associating a DNS View with a GSLB Service.

  11. Select the Policies node.

  12. Bind the DNS policy globally:
    Click Policy Manager and choose the policy created for the internal view.

Issue/Introduction

This article contains information about how to configure a GSLB setup for internal and external users using the same host name.

Additional Information

Demonstration

Based on the preceding DNS setup, all DNS lookup requests from LDNS IP 10.218.146.85 should resolve, round robin, to either 10.107.198.180 or 10.108.198.180, based on the DNS policy bound.

root@Repro_NS_10# dig @10.217.146.85 example.com
; <<>> DiG 9.6.1-P3 <<>> @10.217.146.85 example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49338
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;example.com.                   IN      A
;; ANSWER SECTION:
example.com.            5       IN      A       10.107.198.180
;; Query time: 0 msec
;; SERVER: 10.217.146.85#53(10.217.146.85)
;; WHEN: Wed May 25 20:39:25 2011
;; MSG SIZE  rcvd: 45
root@Repro_NS_10# dig @10.217.146.85 example.com
; <<>> DiG 9.6.1-P3 <<>> @10.217.146.85 example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18382
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;example.com.                   IN      A
;; ANSWER SECTION:
example.com.            5       IN      A       10.108.198.180
;; Query time: 0 msec
;; SERVER: 10.217.146.85#53(10.217.146.85)
;; WHEN: Wed May 25 20:39:26 2011
;; MSG SIZE  rcvd: 45
root@Repro_NS_10#

Assuming there is another LDNS server, 10.217.145.233, its DNS lookup requests go through the regular GSLB virtual server, and NetScaler responds with the default public or external IP addresses.

root@Repro_NS_09# dig @10.217.145.233 example.com
; <<>> DiG 9.6.1-P3 <<>> @10.217.145.233 example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49833
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;example.com.                   IN      A
;; ANSWER SECTION:
example.com.            5       IN      A       10.217.145.100
;; Query time: 0 msec
;; SERVER: 10.217.145.233#53(10.217.145.233)
;; WHEN: Wed May 25 12:32:55 2011
;; MSG SIZE  rcvd: 45
root@Repro_NS_09# dig @10.217.145.233 example.com
; <<>> DiG 9.6.1-P3 <<>> @10.217.145.233 example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14805
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;example.com.                   IN      A
;; ANSWER SECTION:
example.com.            5       IN      A       10.218.145.100
;; Query time: 6 msec
;; SERVER: 10.217.145.233#53(10.217.145.233)
;; WHEN: Wed May 25 12:32:57 2011
;; MSG SIZE  rcvd: 45
root@Repro_NS_09#
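
The manual check from the demonstration above, scripted as an added example (not part of the original article and not Citrix code): it parses dig output and confirms that an LDNS receives only addresses from its own view, so an internal view address returned to the other LDNS, or a public address returned to the internal one, is flagged. Function names are hypothetical; the addresses are the ones shown in this article.

```shell
#!/bin/sh
# Added example, not Citrix code. Function names are hypothetical; the
# addresses are the ones shown in this article.
INTERNAL_VIEW_IPS="10.107.198.180 10.108.198.180"  # view IPs on the GSLB services
EXTERNAL_IPS="10.217.145.100 10.218.145.100"       # default (non-view) answers

# Print the A-record addresses from the ANSWER SECTION of dig output on stdin.
answer_ips() {
    awk '/^;; ANSWER SECTION:/ { in_ans = 1; next }
         /^;;/ || /^$/          { in_ans = 0 }
         in_ans && $4 == "A"    { print $5 }'
}

# check_view "<allowed ips>" < dig-output
# 0: every answer is in the allowed list; 1: an answer is outside it;
# 2: no A record in the answer.
check_view() {
    allowed=" $1 "
    ips=$(answer_ips)
    [ -n "$ips" ] || return 2
    for ip in $ips; do
        case "$allowed" in
            *" $ip "*) ;;
            *) echo "unexpected answer: $ip" >&2; return 1 ;;
        esac
    done
    return 0
}

# Constructed sample: trimmed copy of the first dig answer in the article.
sample_internal() {
    cat <<'EOF'
;; QUESTION SECTION:
;example.com.                   IN      A
;; ANSWER SECTION:
example.com.            5       IN      A       10.107.198.180
;; Query time: 0 msec
EOF
}

# Offline demonstration on the sample.
sample_internal | check_view "$INTERNAL_VIEW_IPS" && echo "internal view: OK"
sample_internal | check_view "$EXTERNAL_IPS" 2>/dev/null || echo "view mismatch"

# Live use, from a host that can reach both LDNS servers:
#   dig @10.217.146.85  example.com | check_view "$INTERNAL_VIEW_IPS"
#   dig @10.217.145.233 example.com | check_view "$EXTERNAL_IPS"
```

Because the internal view answers round robin, run the live check several times per LDNS so that both view addresses are exercised.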