[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Antw: Weird DNS round-robin issue

To: <openldap-technical@openldap.org>, "Dennis Leeuw" <D.Leeuw@umcutrecht.nl>
Subject: Re: Antw: Weird DNS round-robin issue
From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>
Date: Tue, 18 Feb 2014 12:27:02 +0100
Content-disposition: inline
In-reply-to: <530342DE.2040406@umcutrecht.nl>
References: <530328F0.4090903@umcutrecht.nl> <53034D64020000A1000146D7@gwsmtp1.uni-regensburg.de> <530342DE.2040406@umcutrecht.nl>

>>> Dennis Leeuw <D.Leeuw@umcutrecht.nl> schrieb am 18.02.2014 um 12:24 in
Nachricht <530342DE.2040406@umcutrecht.nl>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi Ulrich,
> 
> No I hadn't, didn't even know it existed. But reading up on it it
> seems a server side configuration we do not have.
> 
> Running the getent several times on a host shows nice round-robin
> behaviour, so my guess it is somewhere in the client-side config or
> caching, or...

Do you run nscd?

> 
> Dennis
> 
> On 02/18/2014 12:09 PM, Ulrich Windl wrote:
>> Hi!
>> 
>> Did you read the bind manual pages about "sortlist"?
>> 
>> Ulrich
>> 
>>>>> Dennis Leeuw <D.Leeuw@umcutrecht.nl> schrieb am 18.02.2014 um
>>>>> 10:33 in
>> Nachricht <530328F0.4090903@umcutrecht.nl>: Hi all,
>> 
>> I hope I am on the right list for the problem I am experiencing.
>> 
>> We have two subnets 192.168.196. 192.168.222.
>> 
>> Our main LDAP servers run in 192.168.196. and are load-balanced by 
>> round-robin DNS. The 192.168.196. network is exhausted, so we added
>> a new LDAP slave to 192.168.222. and added the IP address to the
>> round-robin pool. But it seems that it is only used by other
>> servers in the 192.168.222 network and not by servers in the
>> 192.168.196. network
>> 
>> This setup has now been running for 6 days, with nscd.conf: 
>> enable-cache		hosts		yes positive-time-to-live	hosts		3600 
>> negative-time-to-live	hosts		20 suggested-size		hosts		211 
>> check-files		hosts		yes persistent		hosts		yes shared			hosts		yes 
>> max-db-size		hosts		33554432
>> 
>> and nslcd.conf: uid nslcd gid ldap uri
>> ldap://ldap.div.ourdomain.nl/ base dc=div,dc=ourdomain,dc=nl ssl
>> no tls_cacertdir /etc/openldap/cacerts
>> 
>> The LDAP server in the 192.168.222 range serves only 33
>> connections all from the 192.168.222 range, and the 2 hosts in the
>> 192.168.196 range serve 599 and 706 connections. The last 2 servers
>> do serve the 143.121.222. network also. So might there be some
>> caching issue?
>> 
>> $ getent ahost ldap.div.ourdomain.nl 192.168.196.190 STREAM
>> ldap.div.ourdomain.nl 192.168.196.190 DGRAM 192.168.196.190 RAW 
>> 192.168.196.151 STREAM 192.168.196.151 DGRAM 192.168.196.151 RAW 
>> 192.168.222.179 STREAM 192.168.222.179 DGRAM 192.168.222.179 RAW
>> 
>> Is this the right list for this question? And if so can someone
>> help me understand what is going on?
>> 
>> With kind regards,
>> 
>> Dennis Leeuw
>> 
>>> 
>>> ------------------------------------------------------------------------------
>>>
>>>
>>> 
> De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is
>>> uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
>>> onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken
>>> en de afzender direct te informeren door het bericht te
>>> retourneren. Het Universitair Medisch Centrum Utrecht is een
>>> publiekrechtelijke rechtspersoon in de zin van de W.H.W. (Wet
>>> Hoger Onderwijs en Wetenschappelijk Onderzoek) en staat
>>> geregistreerd bij de Kamer van Koophandel voor Midden-Nederland
>>> onder nr. 30244197.
>>> 
>>> Denk s.v.p aan het milieu voor u deze e-mail afdrukt.
>>> 
>>> ------------------------------------------------------------------------------
>>>
>>>
>>> 
> This message may contain confidential information and is intended
>>> exclusively for the addressee. If you receive this message
>>> unintentionally, please do not use the contents but notify the
>>> sender immediately by return e-mail. University Medical Center
>>> Utrecht is a legal person by public law and is registered at the
>>> Chamber of Commerce for Midden-Nederland under no. 30244197.
>>> 
>>> Please consider the environment before printing this e-mail.
>> 
>> 
>> 
> 
> - -- 
> ICT Medewerker
> Divisie Biomedische Genetica
> UMC Utrecht
> Heidelberglaan 100 STR2.126
> 3584 CX  Utrecht
> The Netherlands
> 06 27744048
> intern: 64048
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ 
> 
> iQEcBAEBAgAGBQJTA0LeAAoJEMVYYpdbQscoJzcIALwJg+KKcoP5ea5sWqpOYFgY
> h242bt7oZFTG4Wx9hy/e1xQDpBtcYtN7WM+DzShQknWPRhhiEynBjE0KJNlHpXx9
> GM35X17fyz7gR7BXiVXxtN0vddhn1GbYxQokR7Oop5DfpqVrtdGYb6n+HdfKlg4e
> fboi5z8Mf4ev1IGrnRFKmjij/xusqbKRiyoWeyGaltPCHQslhSL8SgH78GRQCEjA
> heyE3EjNTdyr9JuSZseoxZQs3cqSu56RVBDc0wEXZOC/cptoToiEgXpwLDLdVSSz
> E5/sc/9gu6yj/oSeO+ADKn8IgdNb6y+Muqs+KxUNIL1zyQh2LZSR2wu6CMoS2Aw=
> =368X
> -----END PGP SIGNATURE-----

Follow-Ups:
- Re: Antw: Weird DNS round-robin issue
  - From: Dennis Leeuw <D.Leeuw@umcutrecht.nl>

References:
- Weird DNS round-robin issue
  - From: Dennis Leeuw <D.Leeuw@umcutrecht.nl>
- Antw: Weird DNS round-robin issue
  - From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>
- Re: Antw: Weird DNS round-robin issue
  - From: Dennis Leeuw <D.Leeuw@umcutrecht.nl>

Prev by Date: Re: Antw: Weird DNS round-robin issue
Next by Date: Re: Antw: Weird DNS round-robin issue
Index(es):
- Chronological
- Thread