Setting up Inbound Load Balance with a Delegated Sub-domain

Knowledgebase Tips and Tricks
1

Inbound Load Balancing distributes inbound data traffic over multiple WAN links to computers behind Peplink Balance. Peplink Balance 210, 310, 305, 380, 580, 710, and 1350 have a built-in DNS server that enables this functionality.

Authoritative DNS functionality is not available on Peplink Balance 20 and 30.

Inbound Load Balancing is configured via both of the following:

  • DNS records configured within Peplink Balance
  • External DNS records at an Authoritative DNS Server
The following is a simplified typical example of an Inbound Load Balancing scenario, further details subsequently follow:
  1. The domain foobar.com is resolved by an authoritative DNS external to Peplink Balance.
  2. The web server that serves foobar.com is housed behind Peplink Balance, where Peplink Balance distributes the web server’s data traffic across two WAN links (i.e. WAN1 and WAN2).
  3. The authoritative DNS delegates to Peplink Balance the resolution of hostname foobar.com. For the purpose of this example, other hosts (e.g. mail, ftp, etc.) in the foobar.com domain are resolved by the authoritative DNS.
  4. Authoritative DNS records that enable Inbound Load Balancing to foobar.com are shown in blue in the following diagram.

inbound_load_balance

In further detail, with the aforementioned DNS records, the following steps take place when resolving the hostname foobar.com:
  1. A client computer requires resolution for foobar.com, and queries the Authoritative DNS Server for foobar.com.
  2. The Authoritative DNS Server for foobar.com checks its DNS records:
    • The DNS records of type “NS” delegate the resolution of hostname foobar.com to two places:wan1balance, and wan2balance
    • wan1balance represents the hostname at which Peplink Balance can be reached via its WAN1 connection.
    • wan2balance represents the hostname at which Peplink Balance can be reached via its WAN2 connection.
    • Both wan1balance and wan2balance are returned as the result of the DNS query.
  3. The client computer queries, via wan1balance, the DNS of Peplink Balance for the resolution of foobar.com. In the event that the WAN1 connection is down, the DNS query would not succeed. However, as a built-in mechanism of the DNS protocol, the client computer then queries via wan2balance to resolve the hostnamefoobar.com.
  4. Peplink Balance, upon receiving the DNS query, returns to the client computer the IP addresses of foobar.com that correspond to available WAN links. For example:
    • If both WAN1 and WAN2 are available, then both the IP address that corresponds to WAN1 and that of WAN2 are returned.
    • If WAN1 is available but WAN2 is down, then the IP address that corresponds to WAN1 is returned, but that of WAN2 is not returned.
1 Like
2

Base on the scenario described in this article on configuring the Peplink as authoritative DNS server to hold all the DNS records and also using external DNS records at an authoritative DNS server, we have another scenario where the customer is trying to use Peplink for both inbound and outbound load balancing. The customer is holding their own authoritative DNS server inside their network with public IP address, and they have 3 mail servers and 1 web servers inside their network, each taking a separate public IP address.

Under this scenario, can inbound load balancing still achievable with Peplink over two WAN links? if yes, what will be the configuration like?