
Re: IP addresses sorted in reverse order



On Thu, Jun 01, 2006 at 11:54:59AM +0200, Matus UHLAR - fantomas wrote:

> Nothing "relies". It's just if you will receive addresses in some order, you
> should not reorder them unless you know what order they should be delivered
> in (e.g. ordering via RFC3484)

RFC3484 has _nothing_ to do with the NSS. If you are using the glibc
interfaces, then you should only consult the relevant standards (POSIX,
SUS, whatever). And those standards do not contain ordering constraints.

If you want to rely on the address ordering in the DNS reply, then you
should not use the generic NSS interface (like gethostbyname() or
getaddrinfo()) but you should use the resolver directly instead (see
resolv(3)).

> I'm afraid this is not applicable and also you probably did not understand
> me.
> 
> If there are clients on network A and network B and servers on network A and
> network B, DNS server may sort replies to clients so client A would get
> address of server A first, server B next. Client B would get addresses of
> server B first, server A next.

I'm perfectly aware of that and it seems you are the one who does not
understand me. If you are already able to generate different DNS replies
for A and B, then the SRV records should look like:

When queried by client A:

	_ssh._tcp.server.dom.ain.	SRV	0 0 22	server-A.dom.ain.
	_ssh._tcp.server.dom.ain.	SRV	1 0 22	server-B.dom.ain.

When queried by client B:

	_ssh._tcp.server.dom.ain.	SRV	1 0 22	server-A.dom.ain.
	_ssh._tcp.server.dom.ain.	SRV	0 0 22	server-B.dom.ain.

(Note the difference in the Priority field). This does _exactly_ what
you want and is standard-compliant. You just have to modify your ssh
client to query the SRV records for "_ssh._tcp" when it wants to connect
to "server.dom.ain" (and likewise for any other services).

> > Another option would be to play with routing instead of the DNS to
> > direct your clients to the nearest server.
> 
> Pardon? If one of servers is in our company's network and other is in
> different network, company, town, how do you imagine this?

Certainly you can only do this if you control the routing decisions of
the clients. But since you filed this bug report I assume you have full
control of the clients, otherwise the bug report makes no sense. And yes,
messing with the routing is always tricky, but on intranets it is
sometimes more efficient than DNS games.

Gabor

-- 
     ---------------------------------------------------------
     MTA SZTAKI Computer and Automation Research Institute
                Hungarian Academy of Sciences
     ---------------------------------------------------------
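
The client-side change described in the message above (look up the "_ssh._tcp" SRV records and follow the Priority field), as an added example that is not part of the original mail or of any ssh client. It assumes the SRV answer has already been fetched and parsed into records; `struct srv`, `srv_order` and `srv_preferred` are hypothetical names, and the weighted pick within one priority follows RFC 2782, which goes beyond the two-record case in the mail.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct srv { unsigned prio, weight, port; const char *target; };

/* Constructed sample data: the two answers from the mail, as a client
 * would hold them after parsing the SRV RRset for _ssh._tcp.server.dom.ain. */
static struct srv view_a[] = { {0, 0, 22, "server-A.dom.ain."},
                               {1, 0, 22, "server-B.dom.ain."} };
static struct srv view_b[] = { {1, 0, 22, "server-A.dom.ain."},
                               {0, 0, 22, "server-B.dom.ain."} };

/* Arrange r[0..n) in RFC 2782 trial order: lowest priority first; within
 * one priority, draw each next record at random in proportion to weight. */
static void srv_order(struct srv *r, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        unsigned best = r[i].prio;
        unsigned long total = 0, run = 0;
        size_t k = i;
        for (size_t j = i; j < n; j++)          /* lowest priority left */
            if (r[j].prio < best) best = r[j].prio;
        for (size_t j = i; j < n; j++)          /* sum of its weights */
            if (r[j].prio == best) total += r[j].weight;
        unsigned long pick = (unsigned long)rand() % (total + 1);
        for (size_t j = i; j < n; j++) {        /* first running sum >= pick */
            if (r[j].prio != best) continue;
            k = j;
            if ((run += r[j].weight) >= pick) break;
        }
        struct srv tmp = r[i]; r[i] = r[k]; r[k] = tmp;
    }
}

/* Target to try first; NULL for an empty answer. */
static const char *srv_preferred(struct srv *r, size_t n)
{
    if (n == 0) return NULL;
    srv_order(r, n);
    return r[0].target;
}

int main(void)
{
    printf("client A tries %s first\n", srv_preferred(view_a, 2));
    printf("client B tries %s first\n", srv_preferred(view_b, 2));
    return 0;
}
```

The order in which the records arrive does not affect the result, which is the point of the mail: the preference is carried in the Priority field, not in the reply ordering.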


