ADC

Configuring DNS64

Creating the required entities for stateful NAT64 configuration on the Citrix ADC appliance involves the following procedures:

  • Add DNS services. DNS services are logical representations of DNS servers for which the Citrix ADC appliance acts as a DNS proxy server. For more information on setting optional parameters of a service, see “Load Balancing”.
  • Add DNS64 action and DNS64 policy and then bind the DNS64 action to the DNS64 policy. A DNS64 policy specifies conditions to be matched against traffic for DNS64 processing according to the settings in the associated DNS64 action. The DNS64 action specifies the mandatory DNS64 prefix and the optional exclude-rule and mapped-rule settings.
  • Create a DNS load balancing virtual server and bind the DNS services and the DNS64 policy to it. The DNS load balancing virtual server acts as a DNS proxy server for DNS servers represented by the bound DNS services. Traffic arriving at the virtual server is matched against the bound DNS64 policy for DNS64 processing. For more information on setting optional parameters of a load balancing virtual server, see “Load Balancing.

Note

The command line interface has separate commands for these two tasks, but the GUI combines them in a single dialog box.

  • Enable caching of DNS records. Enable the global parameter for the Citrix ADC appliance to cache DNS records, which are obtained through DNS proxy operations. For more information on enabling caching of DNS records, see “Enabling Caching of DNS Records”.

To create a service of type DNS by using the command line interface

At the command prompt, type:

add service <name> <IP> <serviceType> <port> …
<!--NeedCopy-->

To create a DNS64 action by using the command line interface

At the command prompt, type:

add dns action64 <actionName> -Prefix <ipv6_addr|*> [-mappedRule <expression>] [-excludeRule <expression>]
<!--NeedCopy-->

To create a DNS64 policy by using the command line interface

At the command prompt, type:

add dns policy64 <name> -rule <expression> -action <string>
<!--NeedCopy-->

To create a DNS load balancing virtual server by using the command line interface

At the command prompt, type:

add lb vserver <name> DNS <IPAddress> <port> -dns64 (ENABLED | DISABLED) [-bypassAAAA ( YES | NO)] …
<!--NeedCopy-->

To bind the DNS services and the DNS64 policy to the DNS load balancing virtual server by using the command line interface

At the command prompt, type:

bind lb vserver <name> <serviceName> ...

bind lb vserver <name> -policyName <string> -priority <positive_integer> ...
<!--NeedCopy-->

Sample configuration:

add service SVC-DNS-1 203.0.113.50 DNS 53
Done
add service SVC-DNS-2 203.0.113.60 DNS 53
Done
add dns Action64 DNS64-Action-1 -Prefix 2001:DB8:300::/96
Done
add dns Policy64 DNS64-Policy-1 -rule "CLIENT.IPv6.SRC.IN_SUBNET(2001:DB8:5001::/64)" -action DNS64-Action-1
Done
add lb vserver LBVS-DNS64-1 DNS 2001:DB8:9999::99 53 -dns64 ENABLED
Done
bind lb vserver LBVS-DNS64-1 SVC-DNS-1
Done
bind lb vserver LBVS-DNS64-1 SVC-DNS-2
Done
bind lb vserver LBVS-DNS64-1 -policyname DNS64-Policy-1 -priority 2
Done
<!--NeedCopy-->