Help with MX records and CNAME records

Kevin Darcy kcd at daimlerchrysler.com
Mon Jul 22 22:37:16 UTC 2002 

No, queries from other nameservers are "iterative" queries: the responding
server is expected to either have the answer or, if the queried name is in a
delegated zone for which the server is not authoritative, to hand back a
referral to that subzone.

Of course, the answer to your question depends wholly on the capabilities of
the load balancer. If it has the ability to treat an iterative query, if and
only if it is not for an A record, as if it were recursive, and then forward
the query to some other nameserver, then maybe you have a solution. But this is
generally not how things work; BIND, for example, would never forward an
iterative query. Since the load balander can't even handle MX records, I have
little hope that it implements a "treat iterative QTYPE!=A like recursive and
forward it" feature.

FWIW, we've given up trying to load-balance our zone-apex names, for reasons
such as this. We just round-robin zone-apex names. Personally I wish the
load-balancing vendors would work with ISC on adding load-balancing hooks into
BIND, instead of re-inventing the nameserver wheel *badly*. Putting DNS data
into a barely-functional load-balancer DNS implementation is like taking a
giant step backward...


- Kevin

AJ wrote:

> what if I have the Load balancer resolve the domain and enable it to forward
> unresolved queries to another server. I am not sure if the forwarding works
> for domain or it can work for single entry like just MX.
>
> Any insights
>
> "Pete Ehlke" <pde at ehlke.net> wrote in message
> news:ahhala$8qjm$1 at isrv4.isc.org...
> >
> > On Mon, Jul 22, 2002 at 11:06:30AM -0400, scn1691 at attglobal.net wrote:
> > >
> > > SO the question here is with cname for abc.def.com as abc.lb.def.com
> can I
> > > also have an separate MX entry so that when queried on MX for
> abc.def.com I
> > > still get a response back.
> > >
> > No. If you have a CNAME record, you may not have any other record
> > referencing the same node (with the exception of some DNSSEC related
> > records). If your load balancer claims to do DNS but cannot publish an
> > MX record, you need a new load balancer, as this one is irretrievably
> > broken.
>

More information about the bind-users mailing list