The Global Routing Manager (GRM) directs traffic to the closest Enterprise Point of Presence (PoP). For instance, if a user is in Italy, they're routed to the closest PoP in Europe, instead of North America or Asia. If that same user travels to New York City, they're routed to the PoP in New York, unless restricted by administrative policy.
The GRM is a DNS-based load-balancing service that returns to the endpoint through the route to the closest PoP. It considers the following information:
- Geo-location of the user/endpoint
- DNS request IP address
- PoP availability
- Proxy DNS name
The precise geo-location is needed to achieve the best performance and provide localized internet content to greatly improve user experience. The IP address of the endpoint sending a DNS request to the GRM is absolutely crucial for a perfect approximation of the geo-location of the user or endpoint. The IP address seen on the GRM is generally different from the client IP address of the HTTP request. Infact the IP address of the DNS resolver is used by the endpoint.
If cloud DNS services are used, like the Google DNS or OpenDNS, the geo-location reported for an endpoint might not be the correct geo-location in which the endpoint is located. These cloud DNS services use outbound IP addresses that are geo-located within the United States. The same behavior applies to customers who manage their own centralized DNS infrastructure in a specific country or region. This behavior can also impact user experience while receiving webpages (content) in a foreign language.
There's no issue for customers who are using a decentralized DNS infrastructure.
Make use of special purpose prefixes for selecting the country or region whenever using cloud DNS services or centralized DNS infrastructure to enforce the correct geo-location. The prefixes are hierarchically organized with continents at the top level, followed by regions, and then countries. Select a prefix with the widest geographical area coverage as the dynamic load distribution and failover is restricted by the prefix.
Only when required, use prefixes. Use of a prefix overrules the dynamic routing logic of GRM. When prefixes are used to enforce the selection of a specific geo-location, users might experience overall performance issues when traveling. An increase in network latency, dynamic failover, and load-balancing issues can occur.
Use a prefix for proxy settings to specify the preference for a PoP from a certain country or region:
- Country-specific prefix: If the host name for a proxy includes a prefix for an individual country, the closest or best PoP within the country is selected.
- Region-specific prefix: If the host name for a proxy includes a prefix for a larger region, the closest or best PoP within that region is selected.
- <prefix>.c<customerID>.hybrid.skyhigh.cloud for WPS2 Hybrid customers using Skyhigh Client Proxy (SCP)
Please refer to the following examples:
- Using the country-specific region prefix for the United Kingdom for Skyhigh Security Service Edge:
- Using the country-specific region prefix for the United Kingdom for WPS Hybrid customers using SCP:
Using an IP address instead of a host name for proxy settings isn't supported.
In case of unavailbility of PoP in the country or region specified in the proxy host name, the preconfigured fallback is to make use of the closest PoP regardless of the country or region. (It's unlikely that no PoP is available.)
For using the nearest PoP from the selected country or region for the endpoint, make use of the given predefined set of prefixes (subdomains):
|Pacific island countries
|North America East Coast
|North America West Coast
|Pacific island countries
|Middle East / Israel
|United Arab Emirates