Page tree

Contents

BloxOne Anycast Synchronization Service synchronizes anycast addresses from Anycast Service to DNS Service. To maintain synchronization, the host is monitored and polled periodically from the host management service (dns-config-hms service). Any changes to the host will be reported via the host app notification service. Anycast is also monitored for changes. Any changes to anycast service are reported via the anycast configuration notification. Anycast address configuration information for all hosts can also be retrieved using the API.

Synchronization Monitoring between Anycast and DNS


The following synchronization monitoring occurs between Anycast and DNS: 

  • Where DNS Service is tied to an Anycast address and is installed. Any DNS Service to which the Anycast address is tied to is enabled. This assumes a single interface deployment.
  • Where DNS Services is tied to an Anycast address and is enabled.
  • Where DNS Service is tied to an Anycast address and id functioning on port 53.


In the event of co-deployment of multiple DNS services where ephemeral ports are used, connectivity is monitored between all hosts and Anycast service. For example, if BloxOne DDI DNS and DNS Forwarding Proxy are co-deployed, then BloxOne DDI DNS will forward to DNS Forwarding Proxy.  Since DNS Forwarding Proxy is not listening on the physical port 53, it will not be checked for this port. However, if DNS Forwarding Proxy is non-operational, then BloxOne DDI DNS will not be able to forward to DNS Forwarding Proxy.  

Note

Loopback (1.0.0.127.in-addr.apra for IPv4, for example) must be resolvable for any DNS server supporting the capability.

The Anycast configuration is configured as a template which can be applied to one or more selected (filtered, tagged, checked) DNS services. The configuration of individual properties in the template may be overridden for each DNS service.

 All Anycast settings are separately permissionable, so only authorized admins are able to create, view, modify, or delete settings.

  • Permissions must be able to be configured globally, by service matching (or not matching) specific tags, or by individual service.
  • Permissions must be able to be configured to specific individual, selected, or matching (or not matching) tagged users.

Each Anycast IP address must be unique and can only be used for one protocol service. Once an IP address is defined for a service, it cannot be used with another service.


  • No labels

This page has no comments.