Dynamic DNS (address takeover-type-things)

[David Lang]

-----BEGIN PGP SIGNED MESSAGE-----

Having just spent the last few weeks evaluating various load balancing
products I have come to the following conclusion

All of the products that "work" based on changes to the DNS results only
work if the client cooperates, this may work in a local environment where
you control everything, but in an internet environment you have a LARGE
series of gotcha's ranging from DNS clients that don't timeout as quickly
as they should to the case of AOL where if you have round-robin DNS with a
5 min timeout, the result you will see is that ALL traffic from AOL will
hit one machine for 5 min , then another machine for 5 min, etc. The
partial answer to these problems is to set a REALLY short time to live for
the DNS (say 5 sec or so), but then the traffic to your DNS server
skyrockets. There are a number of products on the market that will do the
load balancing (Cisco, F5 labs, Resonate) without needing to play with the
DNS (at least for local load balancing, wide area load balancing is
something I am not thrilled with any of the stock solutions) and do a much
better job ov really balancing the load then round robin DNS will. 

I see the role of HA software as complamentery to that of the load
balancing capability, you use the HA capability for your single point of
failure machines (firewalls, database servers, load balancing controllers,
etc) and the load balancing capability for cases where the load is just to
high for one machine (web, ftp servers, etc).

David Lang

P.S. Resonate has told my company that the Linux port of their software
should be out by the middle of 1999



On Mon, 19 Oct 1998 alanr@bell-labs.com wrote:

> Date: Mon, 19 Oct 1998 20:07:19 -0600
> From: alanr@bell-labs.com
> To: High Availability Linux Mailing List <linux-ha@muc.de>
> Subject: Dynamic DNS (address takeover-type-things)
> 
> I sent this more than 12 hours ago, and didn't see the return mail, so
> I'm sending it out again.  Sorry if you've seen it twice.  You can read
> about Dynamic DNS at:
> 		http://davidsimmons.com/tips/081797/
> -------------------------------------------------------------------------------
> Another thing I assume we would eventually like to do is to perform
> Dyanmic DNS
> reconfigurations on the basis of node availability.
> 
> Let me elaborate:
> In DNS one can have a round-robin scheme so that when a user requests a
> particular
> machine (like www.netscape.com), that it will be redirected to one of a
> set of
> machines in a round-robin fashion.  In Dynamic DNS, one can dynamically
> change the
> mapping of machine names to IP addresses.  Ultimately, if we add a
> machine to or
> remove a machine from a cluster served by this kind of DNS addressing,
> we would
> want to be able to update the DNS round-robin list as well.  For these
> kinds of
> applications, this would be much better than simply doing IP address
> takeover,
> since the load will remain balanced in this case.
> 
> For example, if I have three machines in a cluster, and one goes away,
> IP (or MAC)
> address takeover would give ALL the new load to one of the machines,
> making it
> twice as busy as the other.
> 
> DNS round-robin updates would allow the machines to share the load
> equally.
> I'm not 100% sure which particular DNS servers will allow you to change
> the
> configurations of round-robin groups.  If none do, then it certainly is
> a desirable
> feature.
> 
> Thoughts?
> 
> Does someone with more knowledge about Dynamic DNS want to comment?
> 
>         -- Alan Robertson
>            alanr@bell-labs.com
> 

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQEVAwUBNiybST7msCGEppcbAQGgZgf6AvksuUtjoV/xJ9FOEn+rJn4UiAAw1VqR
nOxIk+53+L3ARsmOEmpgCfsL7WOWuEsY8toKCG9UEl9CJ8E7o4srYW/laJOD2SZ9
BGGdM7znVjiM+d0ocr+vVvLfSPCyBux3fxDFCN8IyRshl6SPaIkEba6R977situi
SeYJq0vXBrKEXKRjZBkfJnxDgBufvpTvop9ydFwxA9+RQJtBX6vQhLDAUdG8EFVt
Xm6BM/Q3U3LVT6evzYWUZMYvLZTFUYAOd5A70begWd62ewrADssU3tewsmvnxfeR
ggkr9alW9HjGoLPpcxOjYKWmWgApbf0ROtjzZdgULAhKVJDtCJ/HHA==
=e9JQ
-----END PGP SIGNATURE-----