On 13/02/13 14:30, Nick Urbanik wrote:
> I think that it is not necessarily always true that you should avoid a
> load balancer. Every day, our DNS caches are answering about 140,000
> queries per second. I think that it is rather hard to configure
> resolvers to query only three machines yet still meet the demand
> unless you either use very massive, expensive machines, or use load
> balancers.
> So the questions remain.

My rule of thumb is this:
1. For client->DNS comms (resolv.conf, DHCP-supplied DNS IPs, etc.) I
use a VIP. This allows for future scalability and adds/moves/changes
without time-consuming reconfiguring of clients, and avoids the problem
where some clients have poor/slow failover between DNS servers (Unix
systems without nscd/lwresd).
2. For DNS->DNS comms I use real IPs. This includes "forwarders", NS
records, "masters" statements and so on. The rationale is that DNS
servers, when talking to other DNS servers, almost universally have
fast, intelligent detection of failures, and thus don't need the benefit
of a VIP.
However - as with all things, "it depends". There are circumstances
where VIPs (possibly only backed by one real server) are suitable for
DNS->DNS, and real IPs for client->DNS (e.g. resolv.conf on the DNS
server itself).
There's no one definitively "right" answer, since it depends on what
you're trying to achieve, and what architecture your network and
supporting systems have.
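
The rule of thumb above can be turned into a configuration check. The following is an added example, not part of the original message: the VIP set, addresses and file contents are constructed, and a finding is a prompt for review rather than an error, since the message notes legitimate exceptions.

```python
import ipaddress
import re

# Constructed sample data; every address is from a documentation range.
VIPS = {"192.0.2.53"}  # assumed load-balancer virtual IPs

NAMED_CONF = """
options {
    forwarders { 192.0.2.53; 198.51.100.11; };
};
zone "example.com" {
    type slave;
    masters { 198.51.100.21; 198.51.100.22; };
};
"""

RESOLV_CONF = """
nameserver 192.0.2.53
nameserver 198.51.100.11
"""

# DNS->DNS statements named in the message: "forwarders" and "masters".
STATEMENT = re.compile(r"\b(forwarders|masters)\b[^{};]*\{([^}]*)\}")


def _addresses(text):
    """Yield tokens that parse as IP addresses, skipping words like 'port'."""
    for token in re.split(r"[\s;]+", text):
        try:
            yield str(ipaddress.ip_address(token))
        except ValueError:
            continue


def audit_named_conf(conf, vips):
    """Return (statement, address) pairs where a DNS->DNS target is a VIP."""
    conf = re.sub(r"/\*.*?\*/|(?://|#)[^\n]*", "", conf, flags=re.S)
    return [(m.group(1), addr) for m in STATEMENT.finditer(conf)
            for addr in _addresses(m.group(2)) if addr in vips]


def audit_resolv_conf(conf, vips):
    """Return client-side nameserver addresses that are not VIPs."""
    found = []
    for line in conf.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            found += [a for a in _addresses(fields[1]) if a not in vips]
    return found
```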