dns (and dhcp ..) and loadbalancing
Claus van de Vlierd
claus.van.de.vlierd at uni-oldenburg.de
Fri Dec 2 18:10:25 UTC 2005
Hello ,
a) we still have a prim. nameserver that works sometimes rather slowly.
b) to be more precise :
b1) we have a prim. nameserver "<name of ns1>" with IP "<IP of ns1>"
that is at the same time our primary DHCP-Server.
b2) we have a sec. nameserver "<name of ns2>" with IP "<IP of ns2>"
that is at the same time our sec. ("failover") DHCP-Server.
b3) on our Routers we give both "helper-addresses" for dhcp-requests :
"<IP of ns1>" and "<IP of ns2>" .
c) now some guys here propose the following schema in order to make
sure that ,
let's say the "sendmail"-requests , are being sent to the
SEC. nameserver in the case of a slow prim. nameserver :
c1) put a loadbalancer at the entrance of our net and give it
both IP-addresses "<IP of ns1>" and "<IP of ns2>"
c2) change name and IP of the prim. nameserver (== prim. DHCP-Server)
to "<new name of ns1>" resp. "<new IP of new name of ns1>"
c3) change name and IP of the sec. nameserver (== sec. DHCP-Server)
to "<new name of ns2>" resp. "<new IP of new name of ns2>" .
c4) change the "Router-dhcp-request-helper-addresses" from
"<IP of ns1>" and "<IP of ns2>" to
"<new IP of new name of ns1>" and "<new IP of new name of ns2>"
d) then the loadbalancer would receive all the dns- (port 53) and
DHCP-requests and would distribute them to our prim and sec.
Servers --
so a slow prim. server would not matter any more : the loadbalancer
would then prefer to send the requests to the sec. server.
e) BUT : would such a scenario work ?!??
e.g. : our DNS-Server would then answer "nslookups" with its
address "<new IP of new name of ns1>" --- but of course
we have world-wide propagated that only
"<IP of ns1>"
is AUTHORITATIVE for giving information about our domain ... !
I am afraid that the schema from "a)" - "c)" would cause us many
problems -- or ?!
SO :
f) is there any possibility to put a loadbalancer at the entrance of
our net IN A WAY THAT WE DO NOT HAVE TO CHANGE the IP-addresses
of these nameservers (which are "worldwide known" ..) and in a way
that the loadbalancer first receives the dns- and dhcp-requests
(that means : listens to the nameservers' addresses ..)
and then distributes them to these nameservers ?!
or perhaps it is a better idea , instead of using a loadbalancer,
to work with the "routing-statements" on our routers
and tell the router that it should use for , e.g. "port 53 - dns-requests",
the route to "<IP of ns2>" instead of "<IP of ns1>" in case the
latter does not work properly ?!?
g) any proposal would be appreciated for our above problem :
HOW can we ensure that e.g. our "sendmail"-system uses the SECONDARY
nameserver in case the primary nameserver works very slowly (if at
all ..) ?!?!
h) thanks for any help :
Claus van de Vlierd