Using the Traffic Manager to Provide Optimal Gateway Selection
An organization can deploy multiple instances of PCS across a series of global data center locations to provide secure remote access facilities to users local to that region. Each location might contain a single PCS device, or possibly a cluster of PCS devices to ensure VPN service availability in the event of a single device failure. However, in the event of regional disruption, total service loss is possible.
Furthermore, users must manually determine the optimal PCS gateway for their needs at any given geographic location. Configuration and URL settings for all locations must be maintained across all users and all devices.
If complete failure occurs at any one location, user or admin intervention is required to force failover to an alternate PCS gateway in another location.
To alleviate this problem, the Traffic Manager provides a wizard - "Optimal Gateway Selection" - that configures a single, unified, enterprise-wide endpoint URL for your globally-distributed PCS gateway services. The Traffic Manager uses DNS-based Global Server Load Balancing (GSLB) to provide optimum gateway selection and dynamic failover based on a series of observed criteria:
• The geographic location of the user relative to the nearest available PCS gateway
• The current availability of the selected PCS gateway
• The measured load on the selected PCS gateway
To provide the GSLB function, you must use the Traffic Manager as an authoritative DNS server. The Optimal Gateway Selection wizard does not support use of a separate back-end DNS service.
When the Traffic Manager receives a DNS request from a client for the unified endpoint URL, the Traffic Manager adds location-awareness to the DNS lookup, such that the result of the lookup becomes dependent upon its source. It determines and modifies the response, based on configurable metrics (such as geographic proximity and load), before sending the response back to the client.
The Traffic Manager continually monitors the health of all PCS service locations, and automatically redirects users to a working location in the event of service failure.
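The selection and failover behaviour described above can be modelled in a few lines. This is an added illustration, not Traffic Manager code or its actual algorithm; the location names, coordinates, RFC 5737 addresses and the `load_limit` threshold are constructed assumptions.

```python
import math
from dataclasses import dataclass

@dataclass(frozen=True)
class GatewayLocation:
    name: str
    ip: str        # IPv4 address returned in the DNS answer (constructed, RFC 5737)
    lat: float
    lon: float
    healthy: bool  # latest result from the service monitor
    load: float    # measured load: 0.0 (idle) to 1.0 (saturated)

# Constructed sample data, not taken from any real deployment.
SAMPLE_LOCATIONS = [
    GatewayLocation("london", "192.0.2.10", 51.51, -0.13, True, 0.40),
    GatewayLocation("new-york", "198.51.100.10", 40.71, -74.01, True, 0.55),
    GatewayLocation("singapore", "203.0.113.10", 1.35, 103.82, True, 0.30),
]

def distance_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points (haversine formula)."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def select_gateway(client_lat, client_lon, locations, load_limit=0.9):
    """Pick the location whose address goes into the DNS answer.

    Returns None when every location has failed its health check, which is
    the total-outage case an operator should alert on.
    """
    # Availability first: a failed location is never returned.
    healthy = [g for g in locations if g.healthy]
    if not healthy:
        return None
    # Load next: prefer locations below the (assumed) load limit, but if all
    # are overloaded, still answer with a healthy one rather than nothing.
    candidates = [g for g in healthy if g.load < load_limit] or healthy
    # Proximity last: nearest remaining candidate to the client.
    return min(candidates,
               key=lambda g: distance_km(client_lat, client_lon, g.lat, g.lon))

if __name__ == "__main__":
    paris = (48.86, 2.35)  # constructed client location
    choice = select_gateway(*paris, SAMPLE_LOCATIONS)
    print(choice.name, choice.ip)
```

Because the answer is chosen per DNS request, marking a location unhealthy changes the address returned on the next lookup, with no change to the client's configured URL.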
Making changes to your PCS infrastructure later, such as replacing one location with another, requires an update only to your Traffic Manager configuration. All users continue to use the unified endpoint URL, with no client configuration updates required.
Using the Optimal Gateway Selection Wizard
The Traffic Manager includes a wizard that gathers details about your globally distributed PCS infrastructure and requirements for a unified VPN endpoint. The wizard configures the required settings in the Traffic Manager to create a fully functioning GSLB service based on the following topology.
The Traffic Manager implements GSLB techniques as the Global Load Balancer (GLB) feature. The GLB feature uses a number of components, listed as follows:
• DNS Virtual Servers: Dual Virtual Servers listen for DNS requests over both TCP and UDP and return the IP address of the nearest available PCS service location.
• DNS Zone: Encapsulates a DNS Zone File and specifies the domain origin. The DNS Zone File contains the IP address and hostname mappings for your PCS services.
• GLB Service: Represents the global load balancing configuration that you want to use for a set of DNS domains. The GLB service links to the GLB locations and contains the load-balancing and monitoring logic used to determine the response to a DNS request for a given set of conditions.
• Service Monitor: Monitors the status of a GLB location and informs the load-balancing decision for each incoming request.
• GLB Location: The definition of a geographic location in the world. GLB locations are used by a GLB Service to determine where DNS responses should direct clients, based on proximity and availability. Each PCS service location is represented by a GLB Location.
To run the wizard, click the "Wizards" drop-down menu in the tool bar, then select "Optimal Gateway Selection".
The Traffic Manager displays the first page of the wizard.
Click Next to continue.
On each wizard page, use Cancel to cancel the wizard without making any changes to the Traffic Manager. Use Back to return to the previous page and Next to continue on to the next page.
The Traffic Manager uses the identifier you provide here as a prefix for all configuration objects it creates through this process.
Type an identifying name and click Next to continue.
Use this page to determine if the new DNS service listens on all IP addresses hosted by your Traffic Manager cluster, or just on the Traffic IP addresses in specific Traffic IP Groups. For further information on Traffic IP addresses and Groups, see Traffic IP Groups and Fault Tolerance.
Click Next to continue.
Enter the fully qualified domain name you want to use as your unified endpoint URL. Next, select the domain and IP address for your primary and secondary nameservers.
Click Next to continue.
Use this page to define your PCS service locations. For each location, enter a name, IP address(es), and physical location. The Traffic Manager uses this information to establish the GLB Locations used by your service. To add further locations, click Add location. To remove a location, click the adjacent Remove button.
For GLB Locations, the Traffic Manager supports IPv4 addresses only.
To specify the port number your locations listen on, use "Service port".
Click Next to continue.
This page displays a summary of the proposed Traffic Manager settings. Click Cancel to quit the wizard without making any changes, click Back to return to the previous page, or click Finish to complete the wizard and configure the Traffic Manager.
After the wizard has completed all configuration, the Traffic Manager Home Page is updated to show all running services.