Re: The OpenLDAP Client and Multiple DNS Records

Tim Gustafson <tjg@soe.ucsc.edu> writes:

> Awesome, thanks for all the feedback.
> So what I'm hearing is that the OpenLDAP client does indeed fail over to
> the second and third (and so on) A record until it finds one that works,
> and that Stanford has been doing this for years.  Good stuff.  Thanks so
> much!

Stanford does something different.  We return a different CNAME to every
DNS query, which bounces between our LDAP servers based on their current
monitoring status, load, and the number of hits they've gotten recently.
This is done using lbnamed and lbcd.  It has other drawbacks, though, such
as the fact that some clients retain DNS results without regard to TTL and
therefore will never rebind to a different LDAP server without restarting
the application.

Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>