Re: help with BIND SRV

To: Fraser Campbell <fraser@georgetown.wehave.net>
Cc: debian-isp@lists.debian.org
Subject: Re: help with BIND SRV
From: Nate Duehr <nate@natetech.com>
Date: Thu, 07 Oct 2004 20:23:31 -0600
Message-id: <[🔎] 4165FA23.9060006@natetech.com>
In-reply-to: <[🔎] 200410072104.58055.fraser@georgetown.wehave.net>
References: <[🔎] 20041005213141.GE13485@fargo.hipdesign.com> <[🔎] 90130000.1097141122@hick.kon.de> <[🔎] 20041007172033.GT24620@fargo.hipdesign.com> <[🔎] 200410072104.58055.fraser@georgetown.wehave.net>

Fraser Campbell wrote:

On Thursday 07 October 2004 13:20, August MacBeth wrote:
cache. Surprisingly, Mac OSX (unix based) cache's DNS as well, which
bum's me out.
That is surprising. Are you saying that Mac OSX caches the DNS permanentlyand/or for longer than the TTL supplied by Bind?

No. It doesn't.Most people setting up round-robin DNS type setups for redundancy withscripts to change things for failover get bit by these things:


- They don't REALLY understand TTL

- They don't understand that there might be multiple DNS servers betweentheir top-level and the machine they're servicing (3X and 4X TTL)- They don't understand negative caching and how important it is toALWAYS answer DNS queries.- They don't understand that some implementations of resolvers willrefuse to update quickly if the TTL is set very very low -- and willcache for longer than the TTL time. (But OSX doesn't do this, as far asI can tell.)- They don't understand that it can take a very long time to fail-overwhen you factor in all of the above.

DNS with low TTL times and the ability to be changed on the fly isreally good for a secondary physical SITE, but in terms of serverfailover, virtual IP type solutions work much much better.Some really nifty solutions I've seen are the hardware load-balancersthat publish all the SITES as round-robin'ed DNS entries and changeon-the-fly to remove entries when a site isn't responding, while theload-balancer is actually the front-man for multiple servers at thatlocation, with a single virtual IP on the front-side.Decent amount of redundancy in that setup, and still relatively cheap --you don't HAVE to do that with a hardware load balancer, you can do thatwith IP takeover services and two single boxes that can individuallyhandle all the load by themselves.At the point a single box can't do the job, it's a good idea to weighthe cost of hardware against having one box always doing "nothing"...although you could use it for cronjobs and things that would bog downthe other box... DB cleanup, etc... Lots of options, always.


--
Nate Duehr, nate@natetech.com

Reply to:

Follow-Ups:
- Re: help with BIND SRV
  - From: Juha-Matti Tapio <jmtapio@verkkotelakka.net>
- Re: help with BIND SRV
  - From: Fraser Campbell <fraser@georgetown.wehave.net>

References:
- help with BIND SRV
  - From: August MacBeth <August@HiPDesign.com>
- Re: help with BIND SRV
  - From: Marcel Hicking <m.hicking@komplex.net>
- Re: help with BIND SRV
  - From: August MacBeth <August@HiPDesign.com>
- Re: help with BIND SRV
  - From: Fraser Campbell <fraser@georgetown.wehave.net>

Prev by Date: Re: help with BIND SRV
Next by Date: Re: help with BIND SRV
Previous by thread: Re: help with BIND SRV
Next by thread: Re: help with BIND SRV
Index(es):
- Date
- Thread