< Home

Web: Example for Configuring Multi-server Smart DNS in ISP Egress Mode

This section provides an example for configuring multi-server smart DNS in ISP egress mode.

Networking Requirements

As shown in Figure 1, an enterprise deploys two web servers to provide the web service whose domain name is www.example.com. The public address of ISP1 server is 1.1.1.10, and the private address is 2.2.2.10. The public address of ISP2 server is 2.2.2.10, and the private address is 10.2.2.10. The DNS server of on the intranet of the enterprise has the mappings between domain name www.example.com and the two server public addresses (1.1.1.10 and 2.2.2.10).

The enterprise requires that when ISP1 users access www.example.com, the domain name can be resolved to public IP address 1.1.1.10 of the ISP1 server, then the access traffic be transmitted over the ISP1 network to the FW, and the FW can use the NAT Server function to map the public IP address to the private IP address 10.1.1.10 of the ISP1 server. When ISP2 users access www.example.com, the domain name can be resolved to public IP address 2.2.2.10 of the ISP2 server, then the access traffic be transmitted over the ISP2 network to the FW, and the FW can use the NAT Server function to map the public IP address to the private IP address 10.2.2.10 of the ISP2 server.

Figure 1 ISP egress-based multi-server smart DNS networking

Configuration Roadmap

As shown in Figure 1, ISP users usually obtain ISP server addresses 1.1.1.10 and 2.2.2.10. To enable ISP1 users to obtain ISP1 server address and ISP2 users to obtain ISP2 server address, configure smart DNS in ISP egress mode. The configuration roadmap is as follows:

  1. Enable smart DNS.

  2. Because two web servers are deployed on the intranet, configure multi-server smart DNS in ISP egress mode. Multi-server smart DNS needs to associate the ISP egresses and public ISP server addresses. For example, associate GE0/0/1 of ISP1 network with public ISP1 server address 1.1.1.10 and GE0/0/2 of ISP2 network with public ISP2 server address 2.2.2.10.

  3. Configure NAT Server.

    • Configure a NAT Server mapping for the FW to translate ISP1 public IP address 1.1.1.10 to the private IP address 10.1.1.10 of the ISP1 server, so that ISP1 users can access the ISP1 server using a public IP addresses.

    • Configure a NAT Server mapping for the FW to translate ISP2 public IP address 2.2.2.10 to the private IP address 10.2.2.10 of the ISP2 server, so that ISP2 users can access the ISP2 server using a public IP addresses.

  4. Configure the sticky load balancing function.

Procedure

  1. Choose Network > DNS > Smart DNS.
  2. Enable Smart DNS, and click Apply.
  3. In Smart DNS List, click Add.
  4. In Create Smart DNS, configure multi-server smart DNS and set ISP1 server address returned to ISP1 users to 1.1.1.10 and that to ISP2 users to 2.2.2.10.

  5. Click OK.
  6. Choose Policy > NAT Policy > Server Mapping.
  7. In Server Mapping List, click Add.

  8. In Add Address Mapping, configure server mapping as follows to translate the public IP address (1.1.1.10) of ISP1 server to the private IP address (10.1.1.10).

    Name

    isp1_server_nat

    Public IP Address

    1.1.1.10

    Private IP Address

    10.1.1.10

  9. Click OK.
  10. Click Add again.
  11. In Add Address Mapping, configure server mapping as follows to translate the public IP address (2.2.2.10) of ISP2 server to the private IP address (10.2.2.10).

    Name

    isp2_server_nat

    Public IP Address

    2.2.2.10

    Private IP Address

    10.2.2.10

  12. Click OK.
  13. Choose Network > Interface.
  14. Click of interfaces GigabitEthernet 0/0/1 and GigabitEthernet 0/0/2 respectively and configure sticky load balancing (in the example, basic interface settings, such as the interface IP addresses and default gateways, have been completed).

    The sticky load balancing function can be configured only after the IP address and gateway address are set on the interface.

Configuration Verification

  1. Run the ping www.example.com on the PC of an ISP1 user. The command output shows that the returned server address is 1.1.1.10.

  2. Run the ping www.example.com on the PC of an ISP2 user. The command output shows that the returned server address is 2.2.2.10.

Configuration Script

#
 nat server isp1_server_nat global 1.1.1.10 inside 10.1.1.10 no-reverse
 nat server isp2_server_nat global 2.2.2.10 inside 10.2.2.10 no-reverse
#
 dns-smart enable
#
dns-smart group 1 type multi
 out-interface GigabitEthernet 0/0/1 map 1.1.1.10
 out-interface GigabitEthernet0/0/2 map 2.2.2.10
#
interface GigabitEthernet 0/0/1
 ip address 1.1.1.2 255.255.255.0
 redirect-reverse next-hop 1.1.1.1
 gateway 1.1.1.1
#
interface GigabitEthernet0/0/2
 ip address 2.2.2.2 255.255.255.0
 redirect-reverse next-hop 2.2.2.1
 gateway 2.2.2.1
Parent Topic: Smart DNS (Inbound Link Selection)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >