
Re: [dnsop] DNS Anycast revisited



On Fri, 25 Mar 2005, jing shen wrote:

> I'm trying to set up an anycast DNS server farm for customer service.
> In order to improve availability, we plan to install those servers in
> one LAN which has a structure like this:
>
>
> server-(1,3)---switch1---router-1---(outside)
>                  |
>                  |
> server-(2,4)---switch2---router-2---(outside)

I'm assuming that the above servers 1-4 each have two (possibly virtual)
interfaces, one being the server's unique, administrative address, and one
being the anycast, public address, and that the 'outside' in both cases is
the same.

> According to the above configuration, both routers will know multiple
> paths to the DNS cache server, while the DNS cache server should know two
> paths to the outside network. Here are my questions:


> 1) Should each DNS cache server be configured with a static default route
> (0.0.0.0/0.0.0.0)? If server-(1,3) is configured statically to use
> router-1 as default router, will Quagga make it use router-2 when
> router-1 is not reachable?

The simple answer is 'rely on Quagga to set the default routes, but use
statics to your master machine, so you can get to your servers if/when
Quagga dies.'

> 2) If each server is configured with two default routers (router-1 &
> router-2), or each server learns route 0.0.0.0/0.0.0.0 by OSPF (our
> border router injects a default route into OSPF), there should be
> two equal-cost paths to 0.0.0.0/0.0.0.0 on each DNS server, and the DNS
> server should disperse any outgoing packets onto the two paths. Will
> that do harm to DNS service?

Unless you explicitly enable per-packet load balancing on your servers,
the TCP/IP stack on your servers will round-robin streams between the two
equal-cost default routes, not round-robin packets.  There will not be any
DNS issues on that level.

Enabling per-packet load balancing on your servers is not a useful
optimisation; there is little benefit to be gained, and it is far better
to do such on a device with full routing tables.

> 3) Is there any requirement on BIND to fit such a multipath routing
> situation?

Since you are referring to cache servers, there is only the minor issue of
telling BIND to explicitly listen on the anycasted public server address.

If you were serving authoritative zones, there are other issues to do with
keeping each server in sync (pull zones via administrative addresses, not
the anycasted address).

--==--
Bruce.
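
The address split described in the reply above, sketched as a BIND `named.conf` fragment for one server; this is an added example, not configuration from the original message. It goes slightly beyond the message by also pinning `query-source` to the unique address, since replies to queries sent from the anycast address can be routed to a different server. All addresses, the ACL name, the zone name and the file path are constructed placeholders (documentation ranges).

```conf
// Constructed values (assumptions, not from the thread):
//   192.0.2.53     shared anycast service address (same on every server)
//   198.51.100.11  this server's unique administrative address
//   198.51.100.1   hidden master reachable over the administrative network
//   203.0.113.0/24 customer prefix allowed to use the cache

acl customers { 203.0.113.0/24; };

options {
    // Listen explicitly on the anycast address (customer queries) and on
    // the administrative address (monitoring, per-server troubleshooting).
    listen-on { 192.0.2.53; 198.51.100.11; };

    // Originate upstream queries from the unique address so that the
    // answers come back to this server and not to another anycast node.
    query-source address 198.51.100.11;

    // Cache service for customers only; not an open resolver.
    recursion yes;
    allow-recursion { customers; };
    allow-query-cache { customers; };
};

// Authoritative case: pull the zone over the administrative addresses,
// never via the anycast address.
zone "example.com" {
    type slave;
    masters { 198.51.100.1; };
    transfer-source 198.51.100.11;
    file "slave/example.com.db";
};
```

`named-checkconf` validates the syntax before a reload.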