On 10/19/2012 07:25 PM, John Miller wrote:
Here's a question, however: how does one get probes working for a
transparent LB setup? If an rserver listens for connections on all
interfaces, then probes work fine, but return traffic from the uses the
machine's default IP (not the VIP that was originally queried) for the
source address of the return traffic.
I'm not sure I understand this.
If a DNS request comes in on a particular IP, bind should reply from
that IP, always. If it doesn't, something is going seriously wrong.
What have people done to get probes working with transparent LB? Are
any of you using NAT to handle your dns traffic? Not tying up NAT
tables seems like the way to go, but lack of probes is a deal-breaker on
this end.
We didn't have to do anything special, and I'm not sure why you have
either. Our probes are just:
probe tcp TCP_53_RECDNS
ip address <public ip>
port 53
interval 10
serverfarm host INTERNAL-DNS
transparent
predictor leastconns
probe TCP_53_RECDNS
rserver <private IP> 53
inservice
The ACE uses ARP to discover the destination MAC of the private IP, but
sends an IP packet to that MAC with a destination of the public IP. The
DNS reply comes back from that, and all is well.
I get the feeling I'm not understanding what isn't working for you; can
you describe the failure in more detail? What server OS are you running,
and can you describe the network config?
Cheers,
Phil
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users