[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Antw: Weird DNS round-robin issue

To: Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>, openldap-technical@openldap.org
Subject: Re: Antw: Weird DNS round-robin issue
From: Dennis Leeuw <D.Leeuw@umcutrecht.nl>
Date: Tue, 18 Feb 2014 12:28:32 +0100
In-reply-to: <53035196020000A1000146E0@gwsmtp1.uni-regensburg.de>
Organization: UMC Utrecht
References: <530328F0.4090903@umcutrecht.nl> <53034D64020000A1000146D7@gwsmtp1.uni-regensburg.de> <530342DE.2040406@umcutrecht.nl> <53035196020000A1000146E0@gwsmtp1.uni-regensburg.de>
User-agent: Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Thunderbird/24.2.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/18/2014 12:27 PM, Ulrich Windl wrote:
>>>> Dennis Leeuw <D.Leeuw@umcutrecht.nl> schrieb am 18.02.2014 um
>>>> 12:24 in
> Nachricht <530342DE.2040406@umcutrecht.nl>: Hi Ulrich,
> 
> No I hadn't, didn't even know it existed. But reading up on it it 
> seems a server side configuration we do not have.
> 
> Running the getent several times on a host shows nice round-robin 
> behaviour, so my guess it is somewhere in the client-side config
> or caching, or...
> 
>> Do you run nscd?

On some hosts we do on some we don't.

> 
> 
> Dennis
> 
> On 02/18/2014 12:09 PM, Ulrich Windl wrote:
>>>> Hi!
>>>> 
>>>> Did you read the bind manual pages about "sortlist"?
>>>> 
>>>> Ulrich
>>>> 
>>>>>>> Dennis Leeuw <D.Leeuw@umcutrecht.nl> schrieb am
>>>>>>> 18.02.2014 um 10:33 in
>>>> Nachricht <530328F0.4090903@umcutrecht.nl>: Hi all,
>>>> 
>>>> I hope I am on the right list for the problem I am
>>>> experiencing.
>>>> 
>>>> We have two subnets 192.168.196. 192.168.222.
>>>> 
>>>> Our main LDAP servers run in 192.168.196. and are
>>>> load-balanced by round-robin DNS. The 192.168.196. network is
>>>> exhausted, so we added a new LDAP slave to 192.168.222. and
>>>> added the IP address to the round-robin pool. But it seems
>>>> that it is only used by other servers in the 192.168.222
>>>> network and not by servers in the 192.168.196. network
>>>> 
>>>> This setup has now been running for 6 days, with nscd.conf: 
>>>> enable-cache		hosts		yes positive-time-to-live	hosts		3600 
>>>> negative-time-to-live	hosts		20 suggested-size		hosts		211 
>>>> check-files		hosts		yes persistent		hosts		yes shared			hosts
>>>> yes max-db-size		hosts		33554432
>>>> 
>>>> and nslcd.conf: uid nslcd gid ldap uri 
>>>> ldap://ldap.div.ourdomain.nl/ base dc=div,dc=ourdomain,dc=nl
>>>> ssl no tls_cacertdir /etc/openldap/cacerts
>>>> 
>>>> The LDAP server in the 192.168.222 range serves only 33 
>>>> connections all from the 192.168.222 range, and the 2 hosts
>>>> in the 192.168.196 range serve 599 and 706 connections. The
>>>> last 2 servers do serve the 143.121.222. network also. So
>>>> might there be some caching issue?
>>>> 
>>>> $ getent ahost ldap.div.ourdomain.nl 192.168.196.190 STREAM 
>>>> ldap.div.ourdomain.nl 192.168.196.190 DGRAM 192.168.196.190
>>>> RAW 192.168.196.151 STREAM 192.168.196.151 DGRAM
>>>> 192.168.196.151 RAW 192.168.222.179 STREAM 192.168.222.179
>>>> DGRAM 192.168.222.179 RAW
>>>> 
>>>> Is this the right list for this question? And if so can
>>>> someone help me understand what is going on?
>>>> 
>>>> With kind regards,
>>>> 
>>>> Dennis Leeuw
>>>> 

- -- 
ICT Medewerker
Divisie Biomedische Genetica
UMC Utrecht
Heidelberglaan 100 STR2.126
3584 CX  Utrecht
The Netherlands
06 27744048
intern: 64048
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTA0PgAAoJEMVYYpdbQscoo7UH+wapvrnkYMZaYJeTzoDVKkQQ
xRzKLpaFZReuMc7MahfKWPs5Lu5h/04Y0DYxAU3QLIQ7+FN3B5wH+eVi/mFU2PKF
9f5NATEAWNoTfOJ44EtH1LU7qxnaIQSR7SMofskSbxqcxzqaIE6KzhgQG2x1N/Sa
Fi8UtuiIB4NANOMUB6D3XTN2AgrGPlZhhQpMmQZ29bcII+2u0WFbddrPMfCsryhs
nV5PTNyBgBIoegRizpGcbqqVLfpyXLjDG9us9ID1xTORK23wXmIeZger3HbnnFWc
HQNtkT94y0GlWWSxgNJmbYa9N7sJWXlIFcrxp+nzphv38CBf7+2Tu9XdqfyPf4g=
=Jq5y
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------

De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is
uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht
ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct
te informeren door het bericht te retourneren. Het Universitair Medisch
Centrum Utrecht is een publiekrechtelijke rechtspersoon in de zin van de W.H.W.
(Wet Hoger Onderwijs en Wetenschappelijk Onderzoek) en staat geregistreerd bij
de Kamer van Koophandel voor Midden-Nederland onder nr. 30244197.

Denk s.v.p aan het milieu voor u deze e-mail afdrukt.

------------------------------------------------------------------------------

This message may contain confidential information and is intended exclusively
for the addressee. If you receive this message unintentionally, please do not
use the contents but notify the sender immediately by return e-mail. University
Medical Center Utrecht is a legal person by public law and is registered at
the Chamber of Commerce for Midden-Nederland under no. 30244197.

Please consider the environment before printing this e-mail.

References:
- Weird DNS round-robin issue
  - From: Dennis Leeuw <D.Leeuw@umcutrecht.nl>
- Antw: Weird DNS round-robin issue
  - From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>
- Re: Antw: Weird DNS round-robin issue
  - From: Dennis Leeuw <D.Leeuw@umcutrecht.nl>
- Re: Antw: Weird DNS round-robin issue
  - From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>

Prev by Date: Re: Antw: Weird DNS round-robin issue
Next by Date: Re: Antw: Weird DNS round-robin issue
Index(es):
- Chronological
- Thread