questions about making subdomain related with F5
QMIN
qmin77 at gmail.com
Fri Jul 25 05:58:38 UTC 2008
Thank for answering Kevin
The problems is that F5 is a kind of DNS sever based load-balancers, so I have to delegate domains I want to load-balance to F5. This mean that I have to configure two F5 servers for each domain.
Like this way.
www.aaa.com. IN NS f5-1.aaa.com.
www.aaa.com IN NS f5-2.aaa.com
www.BBB.com. IN NS f5-1.aaa.com.
www.BBB.com IN NS f5-2.aaa.com
it makes me feel annoyed. Think about if I've got lots domains which need to be load-balanced. I can still stand this kind of hard workings, but what if one of F5 is broken.
Thanks
-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On Behalf Of Kevin Darcy
Sent: Friday, July 25, 2008 2:31 PM
To: bind-users at isc.org
Subject: Re: questions about making subdomain related with F5
QMIN wrote:
> Hi..
> Currently I am running bind DNS servers with F5s which is global load
> balance equipment.
>
> To load balance, I have to delegate domain to F5s
>
> However I¡¯ve got lots of domains which I need to load balance
>
> It is kind of annoying to configure each domains at the zone file as well
> as I would take long time to delete configuration
> when one of F5 has got some trouble.
>
> A question which I want to ask is that Can I use just one subdomain name
> server with two ip address?
>
> For example I want to configure subdomain name server like below
> configuration.
>
>
>
> www.aaa.com <http://www.aaa.com/> . in ns f5.aaa.com.
>
> bbb.aaa.com. in ns f5.aaa.com.
>
> f5.aaa.com. in a xxx.xxx.xxx.xxx
>
> f5.aaa.com in a fff.fff.fff.fff
>
>
>
> by configuring like above, I don¡¯t need to set two F5 domains up to each
> global load balanced domains.
>
> I can configure one NS domain to each domain which needs to be load
> balanced, also when one of F5 is broken I could take it out from service,
>
The standards require at least 2 NS records.
You don't have to remove any NS or A records when one of the F5's is
broken, however, since other nameservers will automatically fail over to
the other NS and/or A record. DNS is very adaptable in this respect.
I don't know about F5 specifics, but we use a scheme with our
load-balancers that's even simpler than what you show above. We just
delegate a *single* zone to each set of load-balancers, and then
everything becomes aliases to names under that delegation, e.g.
$ dig www.dodge.be
; <<>> DiG 9.3.0 <<>> www.dodge.be
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 929
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;www.dodge.be. IN A
;; ANSWER SECTION:
www.dodge.be. 300 IN CNAME int.us3.lb.chrysler.com.
int.us3.lb.chrysler.com. 10 IN A 129.9.1.12
int.us3.lb.chrysler.com. 10 IN A 129.9.129.12
;; AUTHORITY SECTION:
us3.lb.chrysler.com. 1334 IN NS gssoddi1.extra.chrysler.com.
us3.lb.chrysler.com. 1334 IN NS gsssdci1.extra.chrysler.com.
;; Query time: 2230 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jul 25 01:12:42 2008
;; MSG SIZE rcvd: 151
$
us3.lb.chrysler.com (for example) is delegated to the load-balancers,
and then each website name is an alias to a name under that. This cuts
down the total number of records you need in your zone (1 alias per
website name, versus at least 2 NSes for each delegation), plus, for us,
aliases are much easier to maintain with our tools than delegations.
This scheme presumes, however, some flexibility on the part of the
load-balancer as to what names it can serve via DNS.
Unfortunately, this scheme doesn't work with "apex" names, e.g. dodge.be
as opposed to www.dodge.be, so we're stuck with the options of either a)
serving the _whole_ zone, e.g. dodge.be itself, from the load-balancers
(which we decline to do since we often have non-website data in the
zone, and load-balancer DNS implementations are still rather immature),
or b) reverting to simple round-robin DNS for the apex name.
- Kevin
More information about the bind-users
mailing list