North American Network Operators Group


RE: bad idea?

  • From: Karyn Ulriksen
  • Date: Wed Jul 05 14:05:52 2000

If all the DNS servers really adhere to the RFCs and really do cache using
the TTLs stated by the zone's SOA server, this might be less of a headache
than it is in reality.  Unfortunately not every ISP is using BIND8, and some
are using much worse than DNS server implementations that the wintel
services out there which completely disregard TTLs in the zone records and
make up their own mind on how long they'll cache.

Besides, if you are going to go through the trouble and cost of building out
web services in multiple locations, any downtime to any enduser due to the
architecture is unacceptable.  Think about it...  Imagine .... You
(yourself) are shelling out somewhere in the neighborhood of a grand a month
for shelf space, then throw on bandwidth, all the programming and
configuration investment (500 - $10,000 [depending on your sucker level])
for the set up... And you've gone thru all this trouble...  As a businessman,
are you *really* comfortable with an occasional 30-60 minute down time for
RFC compliant DNS caches and 24-72 hour for non-compliant DNS caching?

I've seen the happiness levels of quite a few big sites over this type of
approach go to hell.  It's cheap going in, but they end up digging in their
pockets for that ole F5 solution afterwards.  Don't get me wrong, I think F5
is WAY overpriced and as soon as GNU gets hold of it and maybe Vixie pushes
some of it into BIND we can all sleep without our pagers with a little less
trepidation.

-Karyn

-----Original Message-----
From: Richard A. Steenbergen [mailto:[email protected]]
Sent: Wednesday, July 05, 2000 10:39 AM
To: Karyn Ulriksen
Cc: '[email protected]'
Subject: RE: bad idea?



On Wed, 5 Jul 2000, Karyn Ulriksen wrote:

> Riigghhhttttt.....   But if the server goes down and the IP is unreachable,
> DNS will never know and all his structure goes for naught...

That's actually a good thing, at least for the short-term. If the IP is
down hard and isn't coming back up (for example, the server crashed),
that's a different story. A short TTL works, if you don't mind it
offsetting the benefits of DNS caching. It's an all around grody hack, but
it's still better than other alternatives. It also helps if the DNS
"server" for this load balanced sub-domain is integrated with the box, for
example a Foundry ServerIron which can perform health checks, and withdraw
the announcement if it's no longer viable to get answers from this server.
As long as the grody-ness stays restricted to this confined area, and
doesn't break anything else... I can live with it.

-- 
Richard A Steenbergen <[email protected]>   http://www.e-gerbil.net/humble
PGP Key ID: 0x138EA177  (67 29 D7 BC E8 18 3E DA  B2 46 B3 D8 14 36 FE B6)