POLICY REDIRECTION

Kevin Darcy kcd at daimlerchrysler.com
Fri Dec 3 02:09:55 UTC 1999


You can create a big proxy.abc.com round-robin and then use the
"sortlist" directives in named.conf to arrange the order of the response
depending on the address/network of the requesting client. (If the round-robin
gets too big, though, you may run into problems related to UDP packet-size
limitations.) Unfortunately, since there is no provision in the DNS spec to
specify ordering relationships in DNS responses and/or zone transfers, you
would have to add these sortlist definitions to *all* nameservers which are
going to be giving out this name to clients, even forwarding or caching-only
servers. On the plus side, though, if you're just doing this for performance,
and clients in one NAP can physically access proxies in another NAP, then this
might give you some redundancy as a bonus in case one of your proxies goes
down.


- Kevin

fooler wrote:

> hi all,
>
>     having multiple network access point (NAP) branch and each NAP had
> their own proxy server named proxy.nap1.abc.com, proxy.nap2.abc.com,
> proxy.nap3.abc.com and so on and so forth.
>     i want to centralize and standardize all proxy settings in their browser
> into proxy.abc.com, whenever where NAP they are, the proxy.abc.com will
> return the nearest proxy server ip address. for example, when I'm in nap3,
> my proxy.abc.com ip address will point to proxy.nap3.abc.com.
>     are there any BIND features for this? or any suggestion what DNS daemon
> supports this.
>
>     if BIND doesn't support this, can we add another column in the IN A
> record with the following format:
>
> for example:
>
> proxy ip addresses for every NAP
> nap1 = 10.0.1.1
> nap2 = 10.0.2.1
> nap3 = 10.0.3.1
> default proxy.abc.com ip address is 10.0.0.1
>
> proxy.abc.com     IN    A    10.0.0.1
> proxy.abc.com.    IN    A    10.0.1.1    SUBNET 10.0.1.0 MASK 255.0.0.0
> proxy.abc.com     IN    A    10.0.2.1    SUBNET 10.0.2.0 MASK 255.0.0.0
> proxy.abc.com     IN    A    10.0.3.1    SUBNET 10.0.3.0 MASK 255.0.0.0
>
> so that when a requesting dns client with a ip source address belongs to a
> subnet of 10.0.2.0, it will return proxy.abc.com ip address to 10.0.2.1
> if there are no matching subnet of dns client ip source address, it will
> return the default 10.0.0.1 of proxy.abc.com.
>
> fooler.
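
The sortlist arrangement described in the reply above, as an added example that is not part of either original message. It uses the addresses from the question; the /24 prefix lengths are an assumption (the question's proposed records say MASK 255.0.0.0), and the two-element form follows the sortlist syntax in the BIND documentation.

```conf
// Added example, not from the original thread.
//
// Zone data for abc.com: one round-robin RRset holding every proxy address.
//
//   proxy   IN  A  10.0.0.1    ; default proxy
//           IN  A  10.0.1.1    ; nap1
//           IN  A  10.0.2.1    ; nap2
//           IN  A  10.0.3.1    ; nap3
//
// named.conf: each top-level sortlist entry is { client-match; { preference; }; }.
// The first entry whose client-match covers the query's source address is used,
// and the addresses in the response are ordered by their position in the
// preference list. Clients matching no entry get the server's normal ordering.
// The /24 client networks below are assumed, one per NAP.

options {
    sortlist {
        // nap1 clients: local proxy first, then the default proxy
        { 10.0.1.0/24; { 10.0.1.1; 10.0.0.1; }; };

        // nap2 clients
        { 10.0.2.0/24; { 10.0.2.1; 10.0.0.1; }; };

        // nap3 clients
        { 10.0.3.0/24; { 10.0.3.1; 10.0.0.1; }; };
    };
};

// The ordering is applied by the server that answers the client, and it is
// not carried in zone transfers or cached responses, so the same sortlist
// block has to be present on every nameserver clients query for this name,
// including forwarding and caching-only servers.
```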





More information about the bind-users mailing list