1

Introduction

• Getting started
• Using the Administrator Kit
• What is the 3-DNS?
• What's new in version 4.2
• Finding help and technical support resources

Getting started

The 3-DNS Administrator Guide is designed to help you quickly install and configure the 3-DNS® system to manage your wide-area network traffic and DNS. The Administrator Guide contains the following chapters:

• Planning the 3-DNS Configuration
  This chapter describes the network and configuration planning you need to do before you install the 3-DNS in your network.
• Setting Up the Hardware
  This chapter describes the physical installation of the 3-DNS system.
• Working with the Setup Utility
  This chapter describes the Setup utility and its functions. The Setup utility runs automatically the first time you turn on the 3-DNS.
• Configuring the Base Network
  This chapter describes the base network, which includes the IP addresses, VLANs, and network interfaces on the 3-DNS.
• Essential Configuration Tasks
  This chapter describes the software configuration tasks you must complete, regardless of the type of wide-area traffic management you want to configure.
• Configuring a Globally Distributed Network
  This chapter describes the tasks you complete to set up a globally distributed network.
• Configuring a Content Delivery Network
  This chapter describes the tasks you complete to set up a network that includes a CDN provider.
• Working with Quality of Service
  This chapter describes the components of the Quality of Service load balancing mode.
• Working with Global Availability Load Balancing
  This chapter describes the components of the Global Availability load balancing mode.
• Adding a 3-DNS to an Existing Network
  This chapter describes the tasks you complete to configure an additional 3-DNS in a network that already contains one or more 3-DNS systems.
• Administration and Monitoring
  This chapter describes the administrative tasks you complete for the 3-DNS, as well as the monitoring tools that are provided with the 3-DNS.

Choosing a configuration tool

The 3-DNS provides several web-based and command line administrative tools that make for easy setup and configuration. Use the following overview to help you decide when each utility is best used.

Setup utility

The Setup utility is a wizard that walks you through the initial system setup. The utility helps you quickly define basic system settings, such as a root password and the IP addresses for the interfaces that connect the 3-DNS to the network. The Setup utility also helps you configure access to the 3-DNS web server, which hosts the web-based Configuration utility, as well as the NameSurfer^TM application that you can use for DNS zone file management.

Configuration utility

The Configuration utility is a web-based application that you use to configure and monitor the 3-DNS. Using the Configuration utility, you can define the load balancing configuration along with the network setup, including data centers, sync groups, and servers used for load balancing and path probing. In addition, you can configure advanced features such as topology settings and SNMP agents. The Configuration utility also monitors network traffic, current connections, load balancing statistics, performance metrics, and the operating system itself.

The 3-DNS web server, which hosts the Configuration utility, provides convenient access to downloads such as the SNMP MIB, and documentation for third-party applications such as NameSurfer.

NameSurfer application

The NameSurfer application is a third-party application that automatically configures DNS zone files associated with domains handled by the 3-DNS. You can use NameSurfer to configure and maintain additional DNS zone files on a 3-DNS that runs as a primary DNS server. The Configuration utility provides direct access to the NameSurfer application, as well as the corresponding documentation for the application. Please note that your license allows you to manage a maximum of 100 IP addresses in the NameSurfer application. For more information, refer to the end-user license agreement included in your product shipment.

3-DNS Maintenance menu

The 3-DNS Maintenance menu is a command line utility that executes scripts which assist you in configuration and administrative tasks, such as installing the latest version of the big3d agent on all your systems, or restarting the 3-DNS web server. You can use the 3-DNS Maintenance menu from a console connection, from a remote shell connection, or from the MindTerm SSH Console in the Configuration utility.

Browser support

The Configuration utility, which provides web-based access to the 3-DNS system configuration and features, supports the following browser versions:

• Netscape Navigator 4.5 and 4.7
• Microsoft Internet Explorer, version 4.02 or later

Using the Administrator Kit

The 3-DNS Administrator Kit provides simple steps for quick, basic configuration, and also provides detailed information about more advanced features and tools, such as the 3dnsmaint command line utility. The information is organized into the guides described as follows.

• Configuration Worksheet
  Use the Configuration Worksheet to gather the IP addresses, default routes, administrative account, and server information you need to configure the 3-DNS. The Setup utility prompts you for this information when you configure the 3-DNS for the first time.
• Hardware poster
  The hardware poster is a graphical representation of the physical components of the 3-DNS.
• 3-DNS Administrator Guide
  The 3-DNS Administrator Guide provides examples of common wide-area load balancing solutions supported by the 3-DNS. For example, in the Administrator Guide, you can find everything from a basic DNS request load balancing solution to a more advanced content acceleration load balancing solution. The Administrator Guide also covers general network administration issues, such as installing the hardware and setting up the networking configuration.
• 3-DNS Reference Guide
  The 3-DNS Reference Guide provides basic descriptions of individual 3-DNS objects, such as wide IPs, pools, virtual servers, load balancing modes, the big3d agent, resource records, and production rules. It also provides syntax information for 3dnsmaint commands, configuration utilities, the wideip.conf file, and system utilities.
  
  

Note: If you are configuring the 3-DNS module on the BIG-IP, use the BIG-IP Reference Guide and hardware poster to set up and configure the hardware.

Stylistic conventions

To help you easily identify and understand certain types of information, this documentation uses the stylistic conventions described below.

Warning: All examples in this documentation use only non-routable IP addresses. When you set up the solutions we describe, you must use IP addresses suitable to your own network in place of our sample IP addresses.

Identifying new terms

When we first define a new term, the term is shown in bold italic text. For example, a wide IP is a mapping of a fully-qualified domain name to a set of virtual servers that host the domain's content.

Identifying references to products

We refer to all products in the BIG-IP product family as the BIG-IP. We refer to the 3-DNS Controller and the 3-DNS module as the 3-DNS. If specific configuration information relates to a specific platform, we note the platform.

Identifying references to objects, names, and commands

We apply bold text to a variety of items to help you easily pick them out of a block of text. These items include web addresses, IP addresses, utility names, and portions of commands, such as variables and keywords. For example, the nslookup command requires that you include at least one <ip_address> variable.

Identifying references to other documents

We use italic text to denote a reference to another document. In references where we provide the name of a book as well as a specific chapter or section in the book, we show the book name in bold, italic text, and the chapter/section name in italic text to help quickly differentiate the two. For example, you can find information about 3dnsmaint commands in the 3-DNS Reference Guide, Chapter 2, 3-DNS Maintenance Menu.

Identifying command syntax

We show actual, complete commands in bold Courier text. Note that we do not include the corresponding screen prompt, unless the command is shown in a figure that depicts an entire command line screen. For example, the following command sets the 3-DNS load balancing mode to Round Robin:

lb_mode rr

Table 1.1 explains additional special conventions used in command line syntax.

What is the 3-DNS?

A 3-DNS is a network appliance that monitors the availability and performance of global resources, and uses that information to manage network traffic patterns. The 3-DNS uses load balancing algorithms, topology-based routing, and production rules to control and distribute traffic according to specific policies. The system is highly configurable, and its web-based and command line configuration utilities allow for easy system setup and monitoring.

3-DNS provides a variety of features that meet special needs. For example, with this product you can:

• Configure a content delivery network with a CDN provider
• Guarantee multiple port availability for e-commerce sites
• Ensure wide-area persistence by maintaining a mapping between an local DNS server and a virtual server in a wide IP pool
• Direct local clients to local servers for globally-distributed sites using Topology load balancing
• Change the load balancing configuration according to current traffic patterns or time of day
• Customize load balancing modes
• Set up load balancing among BIG-IP systems, EDGE-FX Caches, and other load-balancing hosts
• Monitor real-time network conditions

Internet protocol and network management support

The 3-DNS supports both the standard DNS protocol and the 3-DNS iQuery protocol (a protocol used for collecting dynamic load balancing information). The 3-DNS also supports administrative protocols, such as Simple Network Management Protocol (SNMP), and Simple Mail Transfer Protocol (SMTP) (outbound only), for performance monitoring and notification of system events. For administrative purposes, you can use SSH (distributed only on crypto 3-DNS systems), RSH, Telnet, and FTP. The Configuration utility supports HTTPS, for secure web browser connections using SSL (distributed only on crypto 3-DNS systems), as well as standard HTTP connections.

The proprietary 3-DNS SNMP agent allows you to monitor status and current traffic flow using popular network management tools. The 3-DNS SNMP agent provides detailed data such as current connections being handled by each virtual server.

Security features

The 3-DNS offers a variety of security features that can help prevent hostile attacks on your site or equipment.

• Secure administrative connections
  Crypto versions of the 3-DNS support Secure Shell (SSH) administrative connections using the Mindterm SSH Console, for browser-based remote administration, and SSH for remote administration. The 3-DNS web server, which hosts the web-based Configuration utility, supports SSL connections as well as user authentication.
• Secure iQuery communications
  Crypto versions of the 3-DNS also support Blowfish encryption for iQuery communications between the 3-DNS and other systems running the big3d agent.
• TCP wrappers
  TCP wrappers provide an extra layer of security for network connections.

Configuration scalability

The 3-DNS is a highly scalable and versatile solution. You can configure the 3-DNS to manage up to several hundred domain names, including full support of domain name aliases. The 3-DNS supports a variety of media options, including Fast Ethernet, and Gigabit Ethernet; the 3-DNS also supports multiple network interface cards that can provide redundant or alternate paths to the network.

Note: If you use NameSurfer to manage your DNS zone files, you can configure only up to 100 IP addresses and domain names.

System synchronization options

The 3-DNS sync group feature allows you to automatically synchronize configurations from one 3-DNS to any other 3-DNS in the network, simplifying administrative management. The synchronization feature offers a high degree of administrative control. For example, you can set the 3-DNS to synchronize a specific configuration file set, and you can also set which 3-DNS systems in the network receive the synchronized information and which ones do not.

Configuring data collection for server status and network path data

The 3-DNS platform includes the big3d agent, which is an integral part of 3-DNS load balancing. The big3d agent continually monitors the availability of the servers that the 3-DNS load balances. It also monitors the integrity of the network paths between the servers that host the domain, and the various local DNS servers that attempt to connect to the domain. The big3d agent runs on any of the following platforms: 3-DNS, BIG-IP, EDGE-FX Cache, and GLOBAL-SITE. Each big3d agent broadcasts its collected data to all of the 3-DNS systems in your network, ensuring that all 3-DNS systems work with the latest information.

The big3d agent offers a variety of configuration options that allow you to choose the data collection methods you want to use. For example, you can configure the big3d agent to track the number of router hops (intermediate system transitions) along a given network path, and you can also set the big3d agent to collect host server performance information using the SNMP protocol. For further details on the big3d agent, refer to the 3-DNS Reference Guide, Chapter 4, The big3d Agent.

Redundant system configurations

A redundant system is essentially a pair of 3-DNS units, with one operating as the active unit that responds to DNS queries, and the other one operating as the standby unit. If the active unit fails, the standby unit takes over and begins to respond to DNS queries while the other 3-DNS restarts and becomes the standby unit.

The 3-DNS actually supports two methods of checking the status of the peer system in a redundant system:

• Hardware-based fail-over
  In a redundant system that has been set up with hardware-based fail-over, the two units in the system are connected to each other directly using a fail-over cable attached to the serial ports. The standby unit checks on the status of the active unit once every second using this serial link.
• Network-based fail-over
  In a redundant system that has been set up with network-based fail-over, the two units in the system communicate with each other across an Ethernet network instead of going across a dedicated fail-over serial cable. The standby unit checks on the status of the active unit once every second using the Ethernet.

  Note: In a network-based fail-over configuration, the standby 3-DNS immediately takes over if the active unit fails. If a client has queried the failed 3-DNS, and not received an answer, it automatically re-issues the request (after 5 seconds) and the standby unit, functioning as the active unit, responds.

Monitoring the 3-DNS and the network

The 3-DNS includes sophisticated monitoring tools to help you monitor the 3-DNS, the traffic it manages, and the Internet. The following monitoring tools are available on the 3-DNS: the Statistics screens, the Internet Weather Map, and the Network Map. All of these tools are in the Configuration utility.

Comparing a 3-DNS to a BIG-IP

A 3-DNS load balances traffic for a globally-distributed network, and a BIG-IP load balances traffic for a local area network. While both systems provide load balancing, one of the significant differences between the BIG-IP and the 3-DNS is that the 3-DNS responds to DNS requests issued by an LDNS on behalf of a client, while the BIG-IP provides connection management between a client and a back-end server.

Once the 3-DNS returns a DNS answer to an LDNS, the conversation between the LDNS and the 3-DNS ends, and the client connects to the IP address returned by the 3-DNS. Unlike the 3-DNS, the BIG-IP sits between the client and the content servers. It manages the client's entire conversation with the content server.

What's new in version 4.2

The 3-DNS, version 4.2 offers the following major new features in addition to many other enhancements.

Custom regions for Topology

When you use the Topology load balancing mode, you can now configure user-defined regions. By specifying user-defined regions, you can customize the topology statement to best meet the traffic management needs of your customers and your network. For more information, refer to Understanding user-defined regions, in the 3-DNS Reference Guide, Chapter 13, Topology.

Router, bridge, and node modes

The 3-DNS can run in three modes: node, bridge, and router.

• In node mode, the 3-DNS runs as it always has - as an authoritative DNS for either a domain or sub-domain - in addition to managing global traffic. In node mode only, you can use the NameSurfer application to manage your DNS zone files.
• In bridge mode, the 3-DNS intercepts DNS packets, routes requests that map to wide IPs to the best virtual server, and forwards all other DNS packets to a DNS server in the same subnet.
• In router mode, the 3-DNS functions similarly to bridge mode, with the exception that the 3-DNS interacts with two or more IP subnets.
  
  

  For more information, refer to Choosing the 3-DNS mode, on page 2-10 , and Configuring the 3-DNS mode, on page 4-8 .

Internet Weather Map

With the Internet Weather Map, you can monitor the health of the traffic between your data centers and users requesting your site. The Internet Weather Map is provides real-time data when you use path-based, or dynamic, load balancing methods, such as Round Trip Times and Completion Rate. For more information, refer to the 3-DNS Reference Guide, Chapter 7, Internet Weather Map.

ECV search string

You can now specify a regular expression text string that you want to verify as part of an extended content verification (ECV) monitor on a wide IP. For more information, refer to the 3-DNS Reference Guide, Chapter 6, Extended Content Verification (ECV).

Setup utility

The 3-DNS now offers a menu-driven Setup utility for all setup activities such as defining the default route, assigning IP addresses to the interfaces, and configuring remote access and administrative accounts. Several options on the Setup utility incorporate the configuration steps of the First-Time Boot utility from previous releases. The Setup utility also replaces all config_<option> commands. For more information, refer to Chapter 4, Working with the Setup Utility .

Finding help and technical support resources

You can find additional technical documentation about the 3-DNS in the following locations:

• Release notes
  Release notes for the 3-DNS are available from the home screen of the Configuration utility. The release note contains the latest information for the current version, including a list of new features and enhancements, a list of fixes, and a list of known issues.
• Online help for 3-DNS features
  You can find help online in three different locations:
  
  
  • The Configuration utility home screen has PDF versions of the guides included in the Administrator Kit. The 3-DNS software upgrades replace the guides with updated versions as appropriate.
  • The Configuration utility has online help for each screen. Click the Help button in the toolbar.
  • Individual commands have online help, including command syntax and examples, in standard UNIX man page format. Type the command followed by -h or -help, and the 3-DNS displays the syntax and usage associated with the command. You can also type man <command> to display the man page for the command.
• Third-party documentation for software add-ons
  The Configuration utility contains online documentation for the third-party software included with the 3-DNS, including NameSurfer.