Scenario: You want to use a fully hosted, fast and secure recursive DNS for your network (office, home/home office, branch) You need to protect your internal clients and your whole network from malware activity, from phishing attempts and from botnets at the DNS level – that is – before any harm is done GSLB.me recursive DNS provides you with: Redundant, highly performing recursive DNS Realtime protection from thousands of malicious domains used by malware, phishing attacks, botnets Fully visibility and statistics on your DNS queries, with details on internal clients (private IPs) trying to access malicious/dangerous domains How to configure it: Log on to GSLB.me using your credentials… Read More
Continue ReadingConfiguring and using georouting
Scenario: You have several servers around the world publishing a website or an application that is accessed by users coming from different countries and geographies. You want to be able to decide which server(s) users will reach based on their country/countries of origin, and you want to handle “fallback” scenarios in case one or more servers are not available. GSLB.me georouting allows the creation of an unrestricted number of “routing rules” to achieve flexible, granular and precise DNS balancing and traffic distribution. Georouting rules can be based on: country of origin of the requesting DNS client region of origin of the requesting DNS client ASN (Autonomous System Number) of origin… Read More
Continue ReadingEnabling DNSSEC
Scenario: You need to enable the “Domain Name System Security Extensions” for one authoritative DNS zone you previously configured (please see the “Create an authoritative DNS zone” howto). How to configure DNSSEC: Log on to GSLB.me using your credentials From the main interface dashboard, click on the authoritative zone you want to enable DNSSEC for The zone configuration dashboard is then displayed. By default DNSSEC is disabled: click on the “Enabled” switch button to turn it on: After turning on the “Enabled” flag, a warning is displayed to remind you that you will have to send the DS record to your registrar, in order to establish the chain… Read More
Continue ReadingConfiguring and using passive checks
Scenario: You need to set up your smart DNS configuration so that the DNS resolution algorithm is driven by externally-fed performance/availability indicators, also known as metrics. In the following configuration example we will assume: the FQDN that will be resolved by clients worldwide is mytest.gslb.eu. This is your website/application host name. you have two servers (targets) that run contents for mytest.gslb.eu: 1 server with IP address 8.8.8.8 1 server with IP address 8.8.4.4 each server is considered available if its CPU load average is < 60% (this is handled by a passive check through metrics pushed to GSLB.me) How to configure it: Log on to GSLB.me using your… Read More
Continue ReadingUsing 2-factor authentication
Scenario: You want to use strong authentication when logging on to GSLB.me to configure and manage your DNS services. GSLB.me administration GUI and REST API are accessed via HTTPS. Enabling 2-factor authentication leverages Google Authenticator to provide One-Time Passwords for Web GUI access. How to configure it: Log on to GSLB.me using your credentials or register if you still don’t have an account. Username and password are required at this stage: since 2-factor authentication is not enabled yet, the “OTP Code” field can be left blank. After logging in, select the “Profile” menu at the top of the GUI and select the “2-factor authentication” option. The 2-factor… Read More
Continue ReadingImporting authoritative zones
Scenario: You want to perform a DNS migration from your current DNS infrastructure (either owned or hosted by a third party) to GSLB.me, and you want to leverage automatic import of your already existing zones. Import must not require manual configuration and must be based on standard DNS zone transfer from your existing authoritative DNS. How to configure it: Log on to GSLB.me using your credentials or register if you still don’t have an account The authoritative zones import dashboard can be accessed either by right-clicking on “Customer zones” on the left panel or on the “DNS zones import” icon in the main screen section. … Read More
Continue ReadingUsing Reporting and Data Intelligence
Scenario: You need to keep track and analyze DNS requests and responses for one of your running geohosts by configuring and customizing graphical reports. How to configure it: Log on to GSLB.me using your credentials or register if you still don’t have an account: To create a new graph from the main screen you can either right-click on the geohost name and select “Reporting engine“: Or you can select the “Geohost reporting engine” from the main panel: After clicking the “Geohost reporting engine” icon you can select the geohost you want to define graphs for using the dropdown menu: Accessing the “Geohost reporting engine” brings you… Read More
Continue ReadingConfiguring and using DNS firewall
Scenario: You are running a service that is dinamically resolved through a geohost (ie. myservice.gslb.info) and you need to set up security and DNS resolution rules to: respond “NXDOMAIN” (FQDN not found) to all Internet clients running malware that try to resolve myservice.gslb.info always allow (whitelist) DNS resolution from your own public IP subnet (ie. 1.1.1.0/24). DNS resolution will take place according to the geohost configuration (to set up your geohost please refer to one of our howtos listed here below) respond with CNAME “www.google.com” to queries coming from subnet 6.5.4.0/28 How to configure it: Log on to GSLB.me using your credentials or register if you still don’t… Read More
Continue ReadingCreate an authoritative DNS zone
Scenario: You want to use GSLB.me as the authoritative DNS for your domain “mydomain.com“. mydomain.com can be a new domain you’re about to register, or it can be an already existing domain. What you get: flexible IPv4 and IPv6 support support for A, AAAA, ALIAS, CAA, CERT, CNAME, LOC, MX, NS, RP, SOA, SPF, SRV, SSHFP, TXT records dynamic DNS support for as many FQDNs as you need configurable TTL for all records (subscribers only) support for wildcard records works with all Internet top level domains easy migration from your legacy DNS provider fast and advanced web user interface seamless configuration, no need to manage master and slave… Read More
Continue ReadingCreate URL Forwarding Rules
Scenario: You want to use GSLB.me to define URL Forwarding rules to translate a short, easy-to-remember URL to a longer web address that can point to a different port and/or rewriting an HTTP request into an HTTPS one. URL Forwarding is a feature that allows you to: share a shorter, easier-to-remember HTTP address that automatically redirects clients to a different HTTP/HTTPS address by changing the server name, the URI and the server port hide your complex website/application URLs behind an iframe-powered “masquerading” HTTP address host your own webserver on your home/office Internet connection even if your ISP is blocking direct access to port 80, 443 or other ports. The shorter… Read More
Continue Reading