[H-GEN] DNS Load sharing

Bruce Campbell bc at humbug.org.au
Thu Oct 17 07:12:25 EDT 2002 

[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

On Thu, 17 Oct 2002, David Findlay wrote:

> Has anyone had problems with DNS replies from DNS server farms? One very
> large ISP has recently changed from a single primary and single
> secondary DNS server to one DNS server farm, run by a load balancer of
> some sort. They now tell you not to put anything in as a secondary, only
> to enter a primary in your settings. I believe that this is not a good
> idea.

Their perspective is most probably that if the single load balancer is
down, then they've got much bigger problems.

However, if their aim is trying to reduce traffic across their interstate
links, having one IP address for the nameserver makes sense (to their
helpdesk), assuming that they've got nameserver farms in each state and
have their routing set to direct requests to the closest nameserver farm.

> Also, when you send a DNS lookup to their farm, you send it to address X
> which is the load balancer. Then box Y behind the load balancer responds
> to you directly. This basically means that you have to open your

Poor configuration on the boxes behind the load balancer.  If they bind
the public IP address to the loopback interface of the machines, named
will send replies back from that IP address.  You (the user) shouldn't
notice the laod balancer.

( Heck, people don't notice the load balancing thats done in front of our
  services ;) )

> So here's the question. With load balancing, are all replies supposed to
> appear to come from the load balancer external address, or not? Thanks,

They should come from the same address that you sent them to.  Some
resolving software will reject answers that come from different IP
addresses.

--==--
Bruce.



--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/

More information about the General mailing list