ISO or virtual appliance

btb btb at bitrate.net
Thu Aug 22 19:51:12 UTC 2013


On 2013.08.22 00.39, Manish Rane wrote:
> Well the main idea behind and have been struggling to configure for
> almost last one year is to have an open source alternative to DNS
> Based failover/System monitoring thus have inbound loadbalancer.

i guess it's worth noting, since i don't believe it's yet been
mentioned, that dns offers really only a very crude form of load
balancing, and does not do high availability at all. yes, there is all
sorts of trickery that can be done, like changing zone data when certain
events happen, and very low ttls, but these things are fundamentally at
odds with both the nature of how dns works, and the essence of a
courteous dns admin.

there are numerous layers of caching, from the client directly 
contacting the authoritative nameserver all of the way through to often 
the operating system's resolver libraries and ultimately the program 
which instantiated the request to begin with.

this heavy, fundamental dependence on caching means that there will be
consistent failures experienced by users [especially if you are talking
about high availability], since they will not necessarily see the
updated zone data immediately upon failure of the service. this is also
a function of the service/protocol/program in question, as there may not
be iteration through the returned addresses upon failure.

in terms of courtesy, theoretically, as a general rule, ttls should be 
encouraged to be higher, rather than lower [as is the essence of having 
a mechanism to cache the result in the first place], and thus 
encouraging use of unnecessarily low ttls is in contrast to a large part 
of the spirit of dns - that one can avoid unnecessary bandwidth 
consumption just because you might want to change your data. that is not 
to say that there are not legitimate applications for lower ttls [any 
dns admin knows that there of course are] - just that the goal should 
begin life as an attempt to publish higher ttls, not lower ttls.

in short, although rr dns can be [and often is] a part of load
balancing, there are ultimately almost always better ways to do it, and
certainly better ways to do high availability.

-ben
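
Added example, not part of the original message: a minimal Python sketch of the point about programs that do not iterate through the returned addresses, comparing a client that uses only the first address of a cached answer with one that walks the whole answer. The function names are hypothetical, and the two "A records" are constructed loopback endpoints so it runs offline.

```python
import socket

def connect_first_only(addrs, timeout=0.5):
    """Program that uses only the first address in the answer."""
    return socket.create_connection(addrs[0], timeout=timeout)

def connect_iterating(addrs, timeout=0.5):
    """Program that walks the answer until one address accepts."""
    last_err = OSError("empty answer")
    for addr in addrs:
        try:
            return socket.create_connection(addr, timeout=timeout), addr
        except OSError as err:
            last_err = err  # remember the failure, try the next address
    raise last_err

def demo():
    # Constructed stand-ins for two A records of one name: both on
    # loopback, told apart by port so the example runs offline.
    live = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    live.bind(("127.0.0.1", 0))
    live.listen(1)
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind(("127.0.0.1", 0))
    failed_addr = probe.getsockname()
    probe.close()  # nothing listens here now: the "failed" server

    # A cached answer that still lists the failed server first.
    cached_answer = [failed_addr, live.getsockname()]
    try:
        connect_first_only(cached_answer).close()
        first_only_ok = True
    except OSError:
        first_only_ok = False
    conn, used = connect_iterating(cached_answer)
    conn.close()
    live.close()
    return {"first_only_ok": first_only_ok, "used": used,
            "live": cached_answer[1]}

if __name__ == "__main__":
    print(demo())
```

Until the cached answer expires, the first client keeps failing while the second reaches the surviving server; `socket.create_connection` given a hostname already iterates over every address `getaddrinfo` returns.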

