Specifications
Chapter 9: Administering Geographic Clusters
154 Equalizer Installation and Administration Guide
In the example above, we left the domain parameters as zeros, since these vary widely between
DNS installations. Please see the documentation for the version of DNS that you are using for more
information on the zone file content and format.
Using Envoy with Firewalled Networks
Envoy sites communicate with each other using Coyote Point’s UDP-based Geographic Query
Protocol (GQP). Similarly, Envoy sites communicate with clients using the DNS protocol. If you
protect one or more of your Envoy sites with a network firewall, you must configure the firewall to
permit the Envoy packets to pass through.
To use Envoy with firewalled networks, you need to configure the firewalls so that the following
actions occur:
• Envoy sites communicate with each other on UDP ports 5300 and 5301. The firewall must
allow traffic on these ports to pass between Equalizer/Envoy sites.
• Envoy sites and clients can exchange packets on UDP port 53. The firewall must allow traffic
on this port to flow freely between an Envoy server and any Internet clients so that clients
trying to resolve hostnames via the Envoy DNS server can exchange packets with the Envoy
sites.
• Envoy sites can send ICMP echo request packets out through the firewall and receive ICMP
echo response packets from clients outside the firewall. When a client attempts a DNS
resolution, Envoy sites send an ICMP echo request (ping) packet to the client and the client
might respond with an ICMP echo response packet.