[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Antw: Weird DNS round-robin issue



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/18/2014 12:09 PM, Ulrich Windl wrote:
> Hi!
> 
> Did you read the bind manual pages about "sortlist"?

The official Bind 9 reference guide says:
"The client resolver code should rearrange the RRs
as appropriate, that is, using any addresses on the *local net* in
preference to other addresses."

That is exactly what I am experiencing :(

Thanks for the pointer!


> 
> Ulrich
> 
>>>> Dennis Leeuw <D.Leeuw@umcutrecht.nl> schrieb am 18.02.2014 um
>>>> 10:33 in
> Nachricht <530328F0.4090903@umcutrecht.nl>: Hi all,
> 
> I hope I am on the right list for the problem I am experiencing.
> 
> We have two subnets 192.168.196. 192.168.222.
> 
> Our main LDAP servers run in 192.168.196. and are load-balanced by 
> round-robin DNS. The 192.168.196. network is exhausted, so we added
> a new LDAP slave to 192.168.222. and added the IP address to the
> round-robin pool. But it seems that it is only used by other
> servers in the 192.168.222 network and not by servers in the
> 192.168.196. network
> 
> This setup has now been running for 6 days, with nscd.conf: 
> enable-cache		hosts		yes positive-time-to-live	hosts		3600 
> negative-time-to-live	hosts		20 suggested-size		hosts		211 
> check-files		hosts		yes persistent		hosts		yes shared			hosts		yes 
> max-db-size		hosts		33554432
> 
> and nslcd.conf: uid nslcd gid ldap uri
> ldap://ldap.div.ourdomain.nl/ base dc=div,dc=ourdomain,dc=nl ssl
> no tls_cacertdir /etc/openldap/cacerts
> 
> The LDAP server in the 192.168.222 range serves only 33
> connections all from the 192.168.222 range, and the 2 hosts in the
> 192.168.196 range serve 599 and 706 connections. The last 2 servers
> do serve the 143.121.222. network also. So might there be some
> caching issue?
> 
> $ getent ahost ldap.div.ourdomain.nl 192.168.196.190 STREAM
> ldap.div.ourdomain.nl 192.168.196.190 DGRAM 192.168.196.190 RAW 
> 192.168.196.151 STREAM 192.168.196.151 DGRAM 192.168.196.151 RAW 
> 192.168.222.179 STREAM 192.168.222.179 DGRAM 192.168.222.179 RAW
> 
> Is this the right list for this question? And if so can someone
> help me understand what is going on?
> 
> With kind regards,
> 
> Dennis Leeuw
> 
>> 
>> ------------------------------------------------------------------------------
>>
>>
>> 
De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is
>> uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
>> onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken
>> en de afzender direct te informeren door het bericht te
>> retourneren. Het Universitair Medisch Centrum Utrecht is een
>> publiekrechtelijke rechtspersoon in de zin van de W.H.W. (Wet
>> Hoger Onderwijs en Wetenschappelijk Onderzoek) en staat
>> geregistreerd bij de Kamer van Koophandel voor Midden-Nederland
>> onder nr. 30244197.
>> 
>> Denk s.v.p aan het milieu voor u deze e-mail afdrukt.
>> 
>> ------------------------------------------------------------------------------
>>
>>
>> 
This message may contain confidential information and is intended
>> exclusively for the addressee. If you receive this message
>> unintentionally, please do not use the contents but notify the
>> sender immediately by return e-mail. University Medical Center
>> Utrecht is a legal person by public law and is registered at the
>> Chamber of Commerce for Midden-Nederland under no. 30244197.
>> 
>> Please consider the environment before printing this e-mail.
> 
> 
> 

- -- 
ICT Medewerker
Divisie Biomedische Genetica
UMC Utrecht
Heidelberglaan 100 STR2.126
3584 CX  Utrecht
The Netherlands
06 27744048
intern: 64048
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTA09oAAoJEMVYYpdbQsco7aEIAKseWCH9bnzpIKssAkQLIH26
yDjB7Ypj+Mog3QB9vk8GCLrfTJN60biJjwVE1OeONcq3dVM1NSwwxyy490tjtG+s
t0e5dQvLPEgTQbefLZZ+xXQzKi4d2pdesJv0MRbWsVJs/OApAmkvg/N0eDEvzDDq
s5n/VJQeEY82N/gWKe5ukX0ePJZAbubAtB0aGesqAgoSZyfQ76WEF79x5FOPGPth
iwvPSOW61xKwVyY8aeuezfXI0C+YfkU1g8YW7TP/80P74MK+SdzkbPVDfyu2oZ8a
w2bShRSH4BcZJsKvxxAHXpP81OJ6V3YwWtQFPu5Qvz/8rW3PRMCef3YoCOgYl/8=
=KchD
-----END PGP SIGNATURE-----