Load balancing/Multiple CNAME's (Was: Re: Beyond DNS...)
Daniel Reed
djr at narnia.n.ml.org
Sat Jun 6 00:44:05 UTC 1998
On Fri, 5 Jun 1998, Studded wrote:
) Daniel Reed wrote:
) > but I can't CNAME n.ml.org to
) > narnia.n.ml.org, nor can I CNAME n.ml.org to ftp.microsoft.com, or any
) > other host),
) Why not?
) n.ml.org. IN CNAME ftp.microsoft.com.
) would be perfectly valid. Of course uncle bill might not like it much.
First of all, I would have a CNAME along with extra information (at the
very bare minimum, my SOA and NS list).
I just modified my zone map for random.ml.org. and removed the IN A and IN
MX records, then CNAME'd it to n.ml.org.:
[SOA record snipped]
IN NS ns.n.ml.org.
IN NS urtho.shorecrest.org.
; IN A 209.49.57.5
; IN MX 0 mail.n.ml.org.
; IN MX 5 mx5.mhv.net.
; IN MX 10 mx10.mhv.net.
IN CNAME n.ml.org.
Jun 5 19:57:37 narnia named[10544]: random.ml.org has CNAME and other data (invalid)
Jun 5 19:57:37 narnia last message repeated 2 times
So, I guess the simplest answer to your question is because BIND spanked
me when I tried to do that.
) > you cannot use multiple CNAMEs. You can *physically* CNAME
) > multiple times,
) I'm not sure I understand the distinction you're trying to make here.
I was just trying to avoid someone saying "hey, pico let me add in the
second CNAME!!!!!" or something equally lame. You can physically have
multiple CNAMEs, but you're not allowed to.
) > What you're in fact doing is aliasing one host to two different
) > ones, which doesn't make sense (because a CNAME says that ThisHost is
) > actually just a pointer to ThatHost).
) Under usual situations, no it wouldn't make sense. However in the load
) balancing situation it's the only way to go for more complex setups.
)
) > Do an nslookup on irc.dal.net a couple times, or us.undernet.org. Each
) > time you do it, the IP's are shifted over to the left by one.
) Well I'll take that as a compliment, since I am DALnet's hostmaster. :)
) However I regret to inform you that I did use the CNAME hack to fine
) tune our load balancing.
Ah, so that explains why nslookup barfs when I try to lookup irc.dal.net
repeatedly. I thought it was just because of some peculiarity in your
setup (well, I guess it was!).
) I'd also like to point out that the IP's in a
) true round-robin setup (as manifest with BIND, et al) will be returned
) randomly, not in a rotate once cycle.
Well, if that is true, then it's because of your setup. BIND will rotate
IPs once per query, and that's documented behaviour. I guess I should have
just used us.undernet.org. as the example of a proper IN A round robin,
which is done using multiple IN A's, and also exhibits the shift-each-
host-to-the-left behaviour.
For an easier to see example, nslookup nanog.random.ml.org a couple times.
Name: nanog.random.ml.org
Addresses: 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4
5.5.5.5
Name: nanog.random.ml.org
Addresses: 2.2.2.2, 3.3.3.3, 4.4.4.4, 5.5.5.5
1.1.1.1
Name: nanog.random.ml.org
Addresses: 3.3.3.3, 4.4.4.4, 5.5.5.5, 1.1.1.1
2.2.2.2
Name: nanog.random.ml.org
Addresses: 4.4.4.4, 5.5.5.5, 1.1.1.1, 2.2.2.2
3.3.3.3
...
) Finally, if you plan to disagree with anything in this post, please
) quote chapter and verse from the relevant RFC. I've spent a lot of time
) studying this topic and am quite sure of my facts.
I'd rather come up with evidence as opposed to rhetoric, but if you
insist...
Well, I downloaded bind-8.1.2-doc.tar.gz, but I don't really have the time
currently to look through it to find out specific examples in the
documentation.
--
Daniel Reed <n at ml.org> (ask me for my PGP key)
Drugs have taught an entire generation of American kids the metric system.
More information about the NANOG
mailing list