Manual Chapter : 3-DNS Administrator Guide v1.0.6: Introduction to 3-DNS Controller

Applies To:

Show Versions Show Versions

3-DNS Controller versions 1.x - 4.x

  • 1.0.6
Manual Chapter


Introduction to 3DNS Controller

Welcome to the 3DNS Controller

The 3DNS® Controller is a wide area load distribution solution. It works in tandem with BIG/ip® Server Array Controllers, other server array controllers, and single network servers to intelligently allocate Internet and intranet service requests across a geographically distributed array of network servers. The 3DNS Controller provides intelligent name resolution and adds load balancing intelligence to the latest BIND technology. Using the 3DNS Controller, you can provide clients with optimal performance, the most current data, safe data access, high availability, and protection from failed systems.

Figure 1.1 shows how 3DNS Controllers fit into a global network.

Figure 1.1 Using 3DNS Controllers on a global network

The network in Figure 1.1 uses the following configuration:

  • The client machine uses an Internet Service Provider (ISP) located in Chicago to connect to the local DNS, which in turn connects to the primary DNS.
  • The primary DNS can be outside of the customer network, as shown here, or you can configure a 3DNS Controller to be the primary DNS within the customer network. In this example, name resolution requests for specified domains are delegated from the primary DNS to the 3DNS Controller that is the data collector. For step-by-step descriptions of the name resolution process, see pages 2-3 through 2-8 .
  • 3DNS Controllers are installed in New York, Los Angeles, and Tokyo.
  • The 3DNS Controller in New York is the data collector. As data collector, it gathers performance data by querying the BIG/ip Controllers in New York and Los Angeles, and the host machine in Tokyo.
  • The 3DNS Controllers in Los Angeles and Tokyo are data copiers. As data copiers, they copy performance data from the data collector (the 3DNS controller in New York) and store the collected data in their caches, in case the data collector fails.
  • The data collector resolves name resolution requests using the performance data and a load balancing algorithm. For details on the available load balancing modes, see Chapter 5, Load Balancing .

Note: Some countries do not allow data encryption. An international version of the 3DNS Controller is available for these situations. For more information, see Working with international versions, on page 2-15 .


With 3DNS Controllers properly implemented on a geographically dispersed network, the network becomes more efficient, reliable, and scalable.


3DNS Controllers increase efficiency of a network in the following ways:

  • Performance
    Maximizes access performance by providing highly available, transparent, IP services.
  • Intelligent routing
    Provides intelligent traffic routing with advanced load balancing algorithms: Completion Rate, Global Availability, Least Connections, Packet Rate, Quality of Service (QOS), Random, Ratio (also known as Weighted or Administrative Cost), Round Robin (RR), Round Trip Time (RTT), and Topology.
  • Ease of integration
    Integrates seamlessly with BIG/ip Controllers. Also integrates with other array controllers, as well as individual network servers.
  • Collecting information
    The 3DNS Controller collects information, allowing the 3DNS Controller to answer subsequent requests from a local DNS more intelligently. Answers are returned immediately. The 3DNS Controller does not collect information as a result of or during the name resolution process. Instead, the 3DNS Controller collects information at pre-configured intervals. With the 3DNS Controller, you can specify how long data is saved in the cache. For example, by specifying low time to live (TTL) values, you ensure that client requests are satisfied with the most current data, rather than with existing data from the cache.


It is important to ensure that clients have access to the services they need at all times. The following features ensure the reliability of a network:

  • Adherence to standards
    The 3DNS Controller is based on industry-standard DNS.
  • Transparent distribution
    The 3DNS Controller allows transparent distribution of all IP services.
  • Encryption
    3DNS Controllers distributed only in the US provide support for Blowfish CBC encryption, which keeps iQuery protocol transactions secure. The iQuery protocol is the protocol used to communicate and exchange information between BIG/ip Controllers and 3DNS Controllers. Note that 3DNS Controllers distributed outside the US do not support encryption.


3DNS Controllers provide the flexibility to effectively manage changing network demands. With 3DNS Controllers in place, your network becomes more scalable by:

  • Allowing servers and BIG/ip Controller clusters to be transparently added or removed.
  • Supporting an unlimited number of distributed content servers and array controllers.
  • Leveraging BIG/ip Controller's ability to handle all servers in a local array as a single IP address.

What's new in this version

The following features are new in version 1.0.6 of the 3DNS Controller.

New load balancing options

The 3DNS Controller now supports three hierarchical load balancing methods. For each pool in a wideip statement, you can specify a preferred method, an alternate method, and a fallback method. See The wide IP statement, on page 7-21 .

Topology-based access control

3DNS Controller can now control access to specific data centers, based on the IP address of the requesting local DNS. See Topology-based access control, on page 5-15 .

New static load balancing mode: Topology

The new Topology load balancing mode distributes connections based on the proximity of a local DNS to a particular data center. See page 5-21 . The topology mode can also be incorporated into the Quality of (QOS) load balancing mode.

New distribution method: e-commerce

Using the port_list parameter, you can configure a wide IP so that connections are not sent to a given address unless all listed services are available. This feature is especially useful for e-commerce transactions. See E-commerce, on page 5-22 .

New versions of big3d

3DNS Controller includes a new big3d utility for all versions of BIG/ip Controller.

Enhancements to the 3DNS Web Administration tool

The 3DNS Web Administration tool now includes an Administration area where you can change the 3DNS Controller configuration and control statistics collection. The original statistics screens also contain new information in several areas. See Chapter 6, Web Administration .

3DNS Maintenance menu changes

The 3DNS Maintenance menu includes several new commands:

  • Check versions of named, BIG/ip kernel and needed big3d
  • Edit big3d matrix
  • Dump and List named database
  • Display mode of wideip.conf
  • Use Static wideip.conf
  • Use Dynamic wideip.conf

    See The 3DNS Maintenance menu, on page 4-23 .

iQuery enhancements

3DNS Controller has three new iQuery options:

  • New port
    The iQuery protocol is officially registered with the IANA for port 4353, and you can run iQuery on either that port or on the original port 245.
  • Port selection
    You can distribute return iQuery traffic across individual ephemeral ports, or you can use either port 245 or 4353 as a single port for return iQuery traffic.
  • Translation
    You can now set iQuery to include translated IP addresses in iQuery packets (useful for configurations where iQuery communication between a BIG/ip Controller and a 3DNS Controller passes through a firewall). See Configuring iQuery options, on page 4-20 .

Improved path probing

3DNS Controller now has advanced path probing schemes, which determine path attributes such as round trip time and packet completion rate. See Understanding probing, on page 2-21 .

Storing dynamic and static copies of the wideip.conf file

You can now store your original wideip.conf file separately from a wideip.conf file that stores current path and local DNS information. See Working with static and dynamic wideip.conf files, on page C-2 .

Increasing storage space for zone files

You now have the option of storing zone files in a /var/namedb directory, which offers substantially more storage space than the /etc/namedb directory. See Storing zone files, on page 3-7 .

New First-Time Boot utility trigger

In previous versions of 3DNS Controller, the First-Time Boot utility ran at start up if the system did not detect the /etc/wideip.conf file. However, in the current version, the First-Time Boot utility is triggered only if the /etc/netstart file is not found. The /etc/wideip.conf file is no longer used to trigger or prevent the First-Time Boot utility from running at start up. If you are upgrading from an earlier version, you must change the appropriate lines in the /etc/rc file to take advantage of this change. See Upgrading an earlier version, on page 3-4 .

Comments are allowed in bigips.txt and 3dns.txt files

You can now use shell style comments (also known as Perl style comments) in the bigips.txt and 3dns.txt files. See File location, on page D-20 .

Support for international 3DNS Controllers

3DNS Controller now supports versions for international distribution. See page 2-15 .

New utility: watchdog-named

You can use the new watchdog-named utility to start and monitor the named process. See watchdog-named, on page D-3 . It is important to note that when your 3DNS Controller is using watchdog-named, you cannot use ndc to stop, start, or restart named. Instead, you must use 3ndc. See 3ndc, on page D-5 .

Conventions used in this manual

This section describes the typographic and terminology conventions used in this manual.

Typographic conventions

Understanding these conventions is especially useful in learning command syntax.


Certain characters are used to indicate whether a parameter is mandatory or optional, or whether you can use one parameter or another.

  • Mandatory parameters
    Angle brackets (< >) enclose mandatory parameters where you must type the data associated with a command.
  • Optional parameters
    Brackets ([ ]) enclose optional parameters.
  • Choice of parameters
    A vertical bar ( | ) between two values means that either value is acceptable.


The courier typeface is used to distinguish user input and computer output from explanatory text.

  • Computer prompts, computer output, and file excerpts
    Computer prompts, computer output, and file excerpts are shown in Courier type, as in:

    globals {

default_alternate ratio

  • User input
    Text you must type is shown in bold Courier type, as in:

    big3d -version

Terminology conventions

The following terms, used in this manual, require some explanation:

Host machine

The term host machine refers to an individual network server or server array controller other than the BIG/ip Controller.

Data collector/data copier

You can configure a 3DNS Controller to be a data collector or a data copier:

  • Data collector
    A data collector is a 3DNS Controller that collects metrics information. By default, all 3DNS Controllers on a global network are peers, meaning that they each collect metrics information. A 3DNS Controller is a data collector until you specifically designate it to be data copier using the globals sub-statement primary_ip. See Defining data collectors and data copiers, on page 4-18 .
  • Data copier
    A data copier is a 3DNS Controller that copies metrics from a data collector at intervals specified with the globals sub-statement sync_db_interval. Data copiers do not collect metrics themselves.


The Domain Name System (DNS) is a distributed database that maps IP addresses to host names. All DNS servers (DNS and 3DNS) resolve names.

The terms primary and secondary are used to differentiate between DNS systems that maintain authoritative zone information, and DNS systems that copy zone information from other DNS systems:

  • Primary DNS
    A primary DNS is the authoritative source for zone information. All DNS servers can resolve names, but zone files are kept and configured only on primary DNS servers.
  • Secondary DNS
    A secondary DNS is a DNS server that is instructed to get its database from a primary DNS on a zone-by-zone basis. The secondary DNS copies zone files from the primary DNS at startup, when a timer expires in the SOA record, or when a dynamic update occurs.

    This manual assumes that you have general knowledge of DNS. For complete documentation of DNS, you can refer to O'Reilly & Associates' book DNS and BIND (second or third edition). When you review DNS documentation that covers BIND 8, you will notice that BIND 8 now uses the terms master and slave instead of primary and secondary.

Note: You can configure a 3DNS Controller so that it handles DNS name resolution and authoritative zone information, in addition to metrics collection. In this case, the 3DNS machine is the data collector as well as the primary DNS.

Virtual server

The term "VIP" has been replaced by virtual server, and it is used to refer to a specific combination of a virtual IP address and a virtual port number managed by a BIG/ip Controller or other host machine. Throughout this manual, virtual servers managed by BIG/ip Controllers are represented by vsb, and virtual servers managed by other host machines are represented by vsh.


The term node refers to a specific combination of a node address and a node port number, which is managed by the BIG/ip Controller. A BIG/ip Controller maps each virtual server to one or more nodes. In the 3DNS Web Administration tool, Nodes Up denotes the number of nodes that are currently available for a given virtual server. The 3DNS Controller monitors and collects data for nodes that are managed only by BIG/ip Controllers.

Local DNS

The term local DNS refers to a DNS server that makes name resolution requests on behalf of a client. From the 3DNS Controller's perspective, the local DNS is the source of the name resolution request.