
Re: Fw: [Debconf-discuss] cdn.debian.net (Re: Columbia Debian mirror



Mattias,

On Mon, Aug 9, 2010 at 8:01 PM, Mattias Wadenstein <maswan@acc.umu.se> wrote:
> On Mon, 9 Aug 2010, mirror-maintainer@mirror.averse.net wrote:
>
>> On Mon, 9 Aug 2010, Yasuhiro Araki wrote:
>>
>>> I understand.
>>> I would like to add a new feature to cdn.debian.net which replies with a CNAME.
>>> I think it can be used for CNAME virtual hosts.
>>
>> 2 problems with this.
>>
>> 1) cname to a cname should be avoided for efficiency reasons.  Today,
>> cdn.debian.net cnames to deb.cdn.araki.net.  If deb.cdn.araki.net cnames to
>> another hostname (like ftp.br.debian.org), you'd cause many dns lookups.
>> Worst case could be that the dns resolution will timeout.
>>
>> $ host cdn.debian.net
>> cdn.debian.net is an alias for deb.cdn.araki.net.
>> deb.cdn.araki.net has address 150.65.7.130
>> deb.cdn.araki.net has address 202.229.186.27
>> [etc]
>>
>> 2) I think the rfcs suggest that you should not return multiple cnames to
>> a single query, but I can't pinpoint where it says so.
>
> If you return a CNAME you must not return any other RRs. This includes a
> second CNAME record.
>
> Also, 3) The Host: http field would be what the client thinks it is called
> (i.e. cdn.debian.net), no matter if it is a chain of CNAMEs or an A record
> directly.
>
> So what is needed for people with name-based virtual hosts is to add
> cdn.debian.net (cdn.debian.org too while we're at it?) to their httpd config
> file.

Thanks. You are right. I misunderstood. I'm afraid I was confused.


> I have one more thing I keep forgetting to mention regarding cdn:
>
> Is it necessary to return multiple A records to the same lookup? It seems to
> me that that would just open up the chances of them being out of sync from
> each other. Why not just return a single record to each client, but cycle
> through the responses on the server side?

It is necessary for when a mirror server goes down and cdn.debian.net does
not know about the failure.

Some local DNS servers cache these multiple A records,
and local DNS servers return the A records in shuffled order.
As a result, the failure ratio of the apt client is probabilistically reduced.

> This also helps with broken resolvers that sort the A-records numerically,
> but hopefully they should not be many trying to get updates via apt.
>
> /Mattias Wadenstein
>



-- 
ARAKI Yasuhiro
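
An added example, not part of the e-mail thread: a small Python check of the two DNS points raised above (a CNAME must not coexist with other records, including a second CNAME, and a CNAME pointing at another CNAME costs extra lookups), run over constructed record sets. The `check` function, the `MAX_CHAIN` limit and the `mirror.example.org.` name are assumptions made for illustration.

```python
# Constructed sample records: (owner, type, rdata). Names come from the thread;
# the addresses are the two shown in the quoted `host` output.
GOOD = [
    ("cdn.debian.net.", "CNAME", "deb.cdn.araki.net."),
    ("deb.cdn.araki.net.", "A", "150.65.7.130"),
    ("deb.cdn.araki.net.", "A", "202.229.186.27"),
]
# Hypothetical variant of the proposed feature: the second hop is itself an
# alias, returned alongside an A record and a second (constructed) CNAME.
BAD = [
    ("cdn.debian.net.", "CNAME", "deb.cdn.araki.net."),
    ("deb.cdn.araki.net.", "CNAME", "ftp.br.debian.org."),
    ("deb.cdn.araki.net.", "CNAME", "mirror.example.org."),
    ("deb.cdn.araki.net.", "A", "150.65.7.130"),
]

MAX_CHAIN = 1  # assumption: policy allows one alias hop before an address


def check(records, qname, max_chain=MAX_CHAIN):
    """Return (chain, addresses, problems) for resolving qname from records."""
    by_owner = {}
    for owner, rtype, rdata in records:
        by_owner.setdefault(owner.lower(), []).append((rtype, rdata))
    problems, chain, seen, name = [], [], set(), qname.lower()
    while True:
        if name in seen:
            problems.append(f"CNAME loop at {name}")
            return chain, [], problems
        seen.add(name)
        rrs = by_owner.get(name, [])
        cnames = [r for t, r in rrs if t == "CNAME"]
        others = [(t, r) for t, r in rrs if t != "CNAME"]
        if len(cnames) > 1:
            problems.append(f"{name}: {len(cnames)} CNAME records")
        if cnames and others:
            problems.append(f"{name}: CNAME coexists with other records")
        if not cnames:
            break
        chain.append((name, cnames[0].lower()))
        name = cnames[0].lower()
    if len(chain) > max_chain:
        problems.append(f"alias chain of {len(chain)} hops exceeds {max_chain}")
    return chain, [r for t, r in others if t in ("A", "AAAA")], problems
```

Running `check(BAD, "cdn.debian.net.")` reports all three problems at once, while the record set from the quoted `host` output passes with a single alias hop.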

