[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: The OpenLDAP Client and Multiple DNS Records

To: openldap-software@openldap.org
Subject: Re: The OpenLDAP Client and Multiple DNS Records
From: Russ Allbery <rra@stanford.edu>
Date: Tue, 17 Mar 2009 22:23:25 -0700
In-reply-to: <1969487909.117411237351806083.JavaMail.root@mail-01.cse.ucsc.edu> (Tim Gustafson's message of "Tue\, 17 Mar 2009 21\:50\:06 -0700 \(PDT\)")
Organization: The Eyrie
References: <1969487909.117411237351806083.JavaMail.root@mail-01.cse.ucsc.edu>
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux)

Tim Gustafson <tjg@soe.ucsc.edu> writes:

> Awesome, thanks for all the feedback.
>
> So what I'm hearing is that the OpenLDAP client does indeed fail over to
> the second and third (and so on) A record until it finds one that works,
> and that Stanford has been doing this for year.  Good stuff.  Thanks so
> much!

Stanford does something different.  We return a different CNAME to every
DNS query, which bounces between our LDAP servers based on their current
monitoring status, load, and the number of hits they've gotten recently.
This is done using lbnamed and lbcd.  It has other drawbacks, though, such
as the fact that some clients retain DNS results without regard to TTL and
therefore will never rebind to a different LDAP server without restarting
the application.

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>

References:
- Re: The OpenLDAP Client and Multiple DNS Records
  - From: Tim Gustafson <tjg@soe.ucsc.edu>

Prev by Date: Re: The OpenLDAP Client and Multiple DNS Records
Next by Date: Re: The OpenLDAP Client and Multiple DNS Records
Index(es):
- Chronological
- Thread