Selective filtering of multi-address answers

Kevin Darcy kcd at
Mon Jun 11 22:17:14 UTC 2012

At the risk of exceeding my cynicism quota for the week, this is an 
Active Directory client we're talking about: since when does Microsoft 
listen to best-practice suggestions from *anyone*?

A more fruitful approach, in my experience, is to approach the owners of 
the AD zone and have them limit the number of Domain Controllers that 
auto-register in the zone. I don't know the details of how they do this, 
but our Active Directory folks have managed to figure it out, when I 
complained to them about all of the TCP retries they were incurring...

                                                         - Kevin
On 6/11/2012 5:54 PM, Mark Andrews wrote:
> Andris,
> 	 you should also be pushing for proper multi-homed server
> support in those applications that are causing you problems (read
> just about all IP applications).  This is relatively easy for TCP.
> Mark
> In message<4FD66331.1050501 at>, Andris Kalnozols writes:
>> On 6/11/2012 1:23 PM, Kevin Darcy wrote:
>>> **Configure sortlists to push those bad A records to the end of the
>>> response. This may on the surface seem like a kludge, but remember, the
>>> whole point of sortlists is to give preference to certain addresses over
>>> others, and IMO, a working/reachable address is "preferred" over one
>>> that isn't working or isn't reachable :-)
>> Excellent suggestion, Kevin!  I was fixated on the rocket surgery
>> BIND features and didn't consider the simpler solution which our
>> resolvers already implement.  Also, keeping things honest by
>> preserving the overall integrity of the DNS data is also a plus
>> in this case.
>> Thanks,
>> Andris
>> _______________________________________________
>> Please visit to unsubscribe
>>   from this list
>> bind-users mailing list
>> bind-users at

More information about the bind-users mailing list