[f-nsp] ServerIronXL 16 or 24 port questions..

Emilia Lambros emilial at hostworks.com.au
Mon Jun 28 07:11:05 EDT 2004 

Agreed - I had my doubts when I first started configuring it, but even with the convoluted solution we put together it still all turned out really well and incredibly redundant (two SLBs at each site, everything running with GSLB and every virtual including DNS running with sym-priorities for failover).  I can't imagine what the performance might be without having SLBs at each site - you'd need to run DSR as a start, and the load balancer also wouldn't have an accurate perspective of the RTT as you said, so you couldn't load balance too well based on RTT.

Also with DNS, you're correct - it does only respond to A records so if you want anything more from it, you will need the SLB to sit in front of name servers.  In our case, we only required A records with a very low ttl, so the SLB doing the job was perfect.

Cheers,
Em 



-----Original Message-----
From: Bjørn Mork [mailto:bjorn at mork.no] 
Sent: Monday, 28 June 2004 5:33 PM
To: Emilia Lambros
Cc: Michael Bellears; foundry-nsp at puck.nether.net
Subject: Re: [f-nsp] ServerIronXL 16 or 24 port questions..

"Emilia Lambros" <emilial at hostworks.com.au> writes:

> The way I understood it when I researched it and subsequently set up 
> gslb, there needed to be ServerIrons at each location.

Yes.  The ServerIrons need to measure the RTT between the real servers an the clients, so you need a ServerIron in the path between every server and client, preferably very close to the servers.  Hard to imagine how to do this without having a ServerIron at each location.
But why not?  It's a great SLB box anyway.

>  Its smoke, mirrors and DNS.  The ServerIrons actually have to have 
> DNS behind them to see the responses and change them if necessary, or 
> they have to provide the DNS for that (sub)domain themselves and they 
> change it if necessary.  They need to have control of the DNS in some 
> way for glsb to work.  Hard to grasp the first time you hear it, but 
> the ServerIrons can do DNS.

In theory.  I practice they can only handle A records, and they will not respond at all to requests for anything else (at least they didn't with 07.1.21 and earlier SW)! This means that you *must* have a real DNS server behind the ServerIron to serve NXDOMAIN answers to e.g. 
AAAA requests, or clients supporting IPv6 will suffer a long delay caused by DNS timeout.


Bjørn

More information about the foundry-nsp mailing list