How to Configure a NetScaler Appliance to Forward DNS Requests to Root Servers

Article ID: CTX134778

Description

This article describes how to configure a NetScaler appliance to forward DNS requests to the configured root servers.

Background

In a GSLB setup, the NetScaler appliance sometimes acts as a DNS resolver or as an authoritative server for a delegated zone. The default NetScaler configuration includes the Internet root servers, and it is generally assumed that the appliance forwards requests for which it has no entries to the root servers for resolution.


Instructions

To configure a NetScaler appliance to forward DNS requests to the configured root servers, complete the following procedure:

  1. If an ADNS service is configured on the NetScaler appliance, you must remove it from the configuration before you can add this function to the appliance. Run the following command to remove the ADNS service:
    rm service svc-localhost-adns

  2. Run the following command to add a name server to the appliance and designate it as local to the appliance:
    add dns nameServer 192.168.0.33 -local

    In the man page entry for the add dns nameserver command, you can see that the local argument is defined as follows:
    local
    IP is a local recursive nameserver

  3. Run the following command to verify whether recursion is enabled:
    show dns parameter

               DNS parameters:
               DNS retries: 5
               Minimum TTL: 0 Maximum TTL: 604800
               Name lookup priority : DNS
               Cache Records : YES
               Recursive Resolution : DISABLED
               Resolution Order : OnlyAQuery
               Max DNS Pipeline Requests: 255
               Done

    Note: In this example, Recursive Resolution is DISABLED on the appliance.

  4. Run the following command to enable recursion:
    set dns parameter -recursion enabled

  5. To test the configuration, run the following command:
    dig @192.168.0.36 www.citrix.com +trace

    ; <<>> DiG 9.8.1-P1 <<>> @192.168.0.36 www.citrix.com +trace
    ; (1 server found)
    ;; global options: +cmd
    .                       518400  IN      NS      k.root-servers.net.
    .                       518400  IN      NS      l.root-servers.net.
    .                       518400  IN      NS      h.root-servers.net.
    .                       518400  IN      NS      g.root-servers.net.
    .                       518400  IN      NS      m.root-servers.net.
    .                       518400  IN      NS      b.root-servers.net.
    .                       518400  IN      NS      j.root-servers.net.
    .                       518400  IN      NS      e.root-servers.net.
    .                       518400  IN      NS      d.root-servers.net.
    .                       518400  IN      NS      f.root-servers.net.
    .                       518400  IN      NS      a.root-servers.net.
    .                       518400  IN      NS      c.root-servers.net.
    .                       518400  IN      NS      i.root-servers.net.
    ;; Received 512 bytes from 192.168.0.36#53(192.168.0.36) in 1256 ms
    
    com.                    172800  IN      NS      b.gtld-servers.net.
    com.                    172800  IN      NS      j.gtld-servers.net.
    com.                    172800  IN      NS      i.gtld-servers.net.
    com.                    172800  IN      NS      f.gtld-servers.net.
    com.                    172800  IN      NS      h.gtld-servers.net.
    com.                    172800  IN      NS      g.gtld-servers.net.
    com.                    172800  IN      NS      k.gtld-servers.net.
    com.                    172800  IN      NS      l.gtld-servers.net.
    com.                    172800  IN      NS      c.gtld-servers.net.
    com.                    172800  IN      NS      d.gtld-servers.net.
    com.                    172800  IN      NS      a.gtld-servers.net.
    com.                    172800  IN      NS      m.gtld-servers.net.
    com.                    172800  IN      NS      e.gtld-servers.net.
    ;; Received 492 bytes from 192.228.79.201#53(192.228.79.201) in 1690 ms
    
    citrix.com.             172800  IN      NS      ctxdns01.citrix.com.
    citrix.com.             172800  IN      NS      ctxdns02.citrix.com.
    citrix.com.             172800  IN      NS      ctxdns03.citrix.com.
    citrix.com.             172800  IN      NS      ctxdns04.citrix.com.
    ;; Received 216 bytes from 192.48.79.30#53(192.48.79.30) in 1098 ms
    
    www.citrix.com.         28800   IN      CNAME   www.gslb.citrix.com.
    gslb.citrix.com.        28800   IN      NS      ftlgslb.citrix.com.
    ;; Received 93 bytes from 66.165.176.24#53(66.165.176.24) in 46 ms
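
A way to check a saved trace from step 5 programmatically (an added example, not part of the Citrix article): it confirms that the first response, the root NS set, came from the appliance, that each later referral is for a zone closer to the queried name, and that the last response carries a record for that name. The function names and the shortened sample trace are constructed for illustration.

```python
import re

# Constructed sample: the step 5 trace, cut down to one record per response.
SAMPLE_TRACE = """\
.                  518400  IN  NS     a.root-servers.net.
;; Received 512 bytes from 192.168.0.36#53(192.168.0.36) in 1256 ms
com.               172800  IN  NS     a.gtld-servers.net.
;; Received 492 bytes from 192.228.79.201#53(192.228.79.201) in 1690 ms
citrix.com.        172800  IN  NS     ctxdns01.citrix.com.
;; Received 216 bytes from 192.48.79.30#53(192.48.79.30) in 1098 ms
www.citrix.com.    28800   IN  CNAME  www.gslb.citrix.com.
;; Received 93 bytes from 66.165.176.24#53(66.165.176.24) in 46 ms
"""

RR = re.compile(r"^(\S+)\s+\d+\s+IN\s+(\S+)\s+.+$")
RECEIVED = re.compile(r"^;; Received \d+ bytes from ([^#\s]+)#")

def parse_trace(text):
    """Split dig +trace output into hops: (responder IP, [(owner, rrtype)])."""
    hops, rrs = [], []
    for line in map(str.strip, text.splitlines()):
        if m := RECEIVED.match(line):
            hops.append((m.group(1), rrs))
            rrs = []
        elif m := RR.match(line):
            rrs.append((m.group(1).lower(), m.group(2)))
    return hops

def depth(zone, qname):
    """Label count of zone if it is qname or an ancestor of it, else -1."""
    z, q = ([p for p in n.split(".") if p] for n in (zone, qname))
    return len(z) if q[len(q) - len(z):] == z else -1

def check_trace(text, appliance_ip, qname):
    """Return a list of problems; empty means the walk from the roots reached qname."""
    qname = qname.lower().rstrip(".") + "."
    hops = parse_trace(text)
    if not hops:
        return ["no responses in trace"]
    problems = []
    if hops[0][0] != appliance_ip:
        problems.append(f"root NS set came from {hops[0][0]}, not {appliance_ip}")
    depths = [max((depth(o, qname) for o, t in rrs if t == "NS"), default=-1)
              for _, rrs in hops[:-1]]
    if depths[:1] != [0] or depths != sorted(set(depths)):
        problems.append(f"referrals do not descend from the root: {depths}")
    if not any(o == qname for o, _ in hops[-1][1]):
        problems.append(f"final response has no record for {qname}")
    return problems
```
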

To configure a NetScaler appliance to forward DNS requests to the configured root servers from the Graphical User Interface (GUI), complete the following procedure:

  1. Expand the DNS node from the Configuration Utility.

  2. Select the Name Servers node.

  3. Click Add.

  4. Select the IP Address option in the Create Name Server window.

  5. Type the IP address.

  6. Select the Local check box, as shown in the following screen shot:

    [Screen shot: Create Name Server window with the Local check box selected]

  7. Click Create.

  8. Select the DNS node.

  9. Click the Change DNS settings link.

  10. Ensure that you select the Enable recursion option.

  11. Select the Name Servers node.

  12. Double-click on the name server created in step 7.

  13. Click Test to test the configuration.

Additional Information

Citrix Documentation - Domain Name System