Re: load-balancing in DNS using two A records
On 12/20/2011 1:22 PM, Matus UHLAR - fantomas wrote: On 20.12.11 19:37, Martin T wrote: I have seen setups where one domain name has two address records. First IP address is in the ISP-A network and the other one is in the ISP-B network. In case I execute host www.domainname.com, I always get two IP addresses as a reply and they always appear by turns. Am I correct, that setup like this provides redundancy as well as load-balancing? Kind of. It's much better to have real load-balancing and vailover by multiple links or L3 load balancers. Is there some common method in BIND to give out IP addresses by turns? Last but not least, how do application layer(for example www, ssh) handle such setup? bind usually gives all possible addresses for a name in random order. You can affect this a bit by using sortlist statement, where you can tell BIND which address to prefer for which client (and, intermediate server may re-sort according to its knowledge) Just be aware, Wintel clients often choose addresses out-of-received-sequence according to their notion of subnet prioritization (older OSes) and/or RFC 3484 logic (newer ones), thus effectively overriding any sortlisting you do on the BIND side. - Kevin ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: load-balancing in DNS using two A records
In message 2011122018.ga3...@fantomas.sk, Matus UHLAR - fantomas writes: Long time ago when we were trying to have multiple web servers for redundancy and balancing, we have found that multiple IP's is not a good solution (parts of web pages didn't load). We selected L3 switches then... On 21.12.11 09:26, Mark Andrews wrote: Which is really the result of badly designed clients. Clients are getting better with address affinity and fast failover on unreachable servers. It's been long time ago (~10 years). And even if they did failover, 30s (tcp connection timeout) delays are very ugly when loading a web page. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Eagles may soar, but weasels don't get sucked into jet engines. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: load-balancing in DNS using two A records
In message 20111221083337.gb5...@fantomas.sk, Matus UHLAR - fantomas writes: In message 2011122018.ga3...@fantomas.sk, Matus UHLAR - fantomas write s: Long time ago when we were trying to have multiple web servers for redundancy and balancing, we have found that multiple IP's is not a good solution (parts of web pages didn't load). We selected L3 switches then... On 21.12.11 09:26, Mark Andrews wrote: Which is really the result of badly designed clients. Clients are getting better with address affinity and fast failover on unreachable servers. It's been long time ago (~10 years). And even if they did failover, 30s (tcp connection timeout) delays are very ugly when loading a web page. Indeed. 150-250ms [1] is a more realistic timeout for starting a second connection attempt. You use the connection which completes first and close the others if they complete. Mark [1] http://tools.ietf.org/html/draft-ietf-v6ops-happy-eyeballs-07 -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: load-balancing in DNS using two A records
In article mailman.581.1324405362.68562.bind-us...@lists.isc.org, Matus UHLAR - fantomas uh...@fantomas.sk wrote: On 20.12.11 19:37, Martin T wrote: I have seen setups where one domain name has two address records. First IP address is in the ISP-A network and the other one is in the ISP-B network. In case I execute host www.domainname.com, I always get two IP addresses as a reply and they always appear by turns. Am I correct, that setup like this provides redundancy as well as load-balancing? Kind of. It's much better to have real load-balancing and vailover by multiple links or L3 load balancers. If you're really cheapskate and have a little scripting expertise you can do what we did before we went to hardware load balancing. Give your systems names with short TTLs in a dynamic zone. Have a watchdog process monitor the systems and remove any that don't respond. It's not generally fast enough to help individual clients but it can help the overall availability of a system. It's victim to browsers ignoring TTLs, of course, though I've never been able to verify such browser behaviour myself. Sam ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
load-balancing in DNS using two A records
I have seen setups where one domain name has two address records. First IP address is in the ISP-A network and the other one is in the ISP-B network. In case I execute host www.domainname.com, I always get two IP addresses as a reply and they always appear by turns. Am I correct, that setup like this provides redundancy as well as load-balancing? Is there some common method in BIND to give out IP addresses by turns? Last but not least, how do application layer(for example www, ssh) handle such setup? regards, martin ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: load-balancing in DNS using two A records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/20/2011 12:37 PM, Martin T wrote: I have seen setups where one domain name has two address records. First IP address is in the ISP-A network and the other one is in the ISP-B network. In case I execute host www.domainname.com, I always get two IP addresses as a reply and they always appear by turns. Am I correct, that setup like this provides redundancy as well as load-balancing? Is there some common method in BIND to give out IP addresses by turns? Last but not least, how do application layer(for example www, ssh) handle such setup? The only thing involved is having two A records for the same name. It's not truly load-balancing, but it can do the trick in some circumstances. All applications I've seen ask for and use one IP address. Therefore, SSH will be sometimes connecting to one server and sometimes another. Generally with SSH you care what you're connecting to and will also have individual records for each host to use for that purpose. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$| |__| | | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/CST-Academic Svcs. - ADMC 450, Newark -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk7wyb8ACgkQmb+gadEcsb6BMQCePx4LhLGh3b0XOxv4L5ZjA6bn cMMAoNGPW8t9gkqzsD9pUPQuQITaFips =jL/1 -END PGP SIGNATURE- attachment: novosirj.vcf___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: load-balancing in DNS using two A records
On 20.12.11 19:37, Martin T wrote: I have seen setups where one domain name has two address records. First IP address is in the ISP-A network and the other one is in the ISP-B network. In case I execute host www.domainname.com, I always get two IP addresses as a reply and they always appear by turns. Am I correct, that setup like this provides redundancy as well as load-balancing? Kind of. It's much better to have real load-balancing and vailover by multiple links or L3 load balancers. Is there some common method in BIND to give out IP addresses by turns? Last but not least, how do application layer(for example www, ssh) handle such setup? bind usually gives all possible addresses for a name in random order. You can affect this a bit by using sortlist statement, where you can tell BIND which address to prefer for which client (and, intermediate server may re-sort according to its knowledge) When one of those ip fails, you can expect half of your connections to such host fail, and it's up to the client how to handle this situation. Long time ago when we were trying to have multiple web servers for redundancy and balancing, we have found that multiple IP's is not a good solution (parts of web pages didn't load). We selected L3 switches then... Different situation is when you have multiple providers and want to use multiple uplinks with different IPs for the same servers. While this can work with some NAT playing, it should be better to ger your provider-independent address space (if possible) and use separate uplinks. That gives you much better line saturation. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Nothing is fool-proof to a talented fool. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: load-balancing in DNS using two A records
In message 2011122018.ga3...@fantomas.sk, Matus UHLAR - fantomas writes: On 20.12.11 19:37, Martin T wrote: I have seen setups where one domain name has two address records. First IP address is in the ISP-A network and the other one is in the ISP-B network. In case I execute host www.domainname.com, I always get two IP addresses as a reply and they always appear by turns. Am I correct, that setup like this provides redundancy as well as load-balancing? Kind of. It's much better to have real load-balancing and vailover by multiple links or L3 load balancers. Is there some common method in BIND to give out IP addresses by turns? Last but not least, how do application layer(for example www, ssh) handle such setup? bind usually gives all possible addresses for a name in random order. You can affect this a bit by using sortlist statement, where you can tell BIND which address to prefer for which client (and, intermediate server may re-sort according to its knowledge) When one of those ip fails, you can expect half of your connections to such host fail, and it's up to the client how to handle this situation. Long time ago when we were trying to have multiple web servers for redundancy and balancing, we have found that multiple IP's is not a good solution (parts of web pages didn't load). We selected L3 switches then... Which is really the result of badly designed clients. Clients are getting better with address affinity and fast failover on unreachable servers. Different situation is when you have multiple providers and want to use multiple uplinks with different IPs for the same servers. While this can work with some NAT playing, it should be better to ger your provider-independent address space (if possible) and use separate uplinks. That gives you much better line saturation. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Nothing is fool-proof to a talented fool. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
