[f-nsp] ServerIronXL 16 or 24 port questions..
Bjørn Mork
bjorn at mork.no
Mon Jun 28 07:44:18 EDT 2004

"Emilia Lambros" <emilial at hostworks.com.au> writes:

> Also with DNS, you're correct - it does only respond to A records so
> if you want anything more from it, you will need the SLB to sit in
> front of name servers. In our case, we only required A records with
> a very low ttl, so the SLB doing the job was perfect.

That's what we wanted too.

The problem is that you can't control which questions it gets. Lots
of clients will ask for AAAA records nowadays. A regular DNS server
will immediately return NXDOMAIN when no AAAA records are defined, but
the ServerIron didn't even when running as a standalone DNS server. It
just dropped the AAAA requests, causing long delays for these clients
before they eventually timed out and fell back to asking for an A
record.

Therefore, you do want to run a real DNS server behind it even if you
are just serving A records. The real DNS server will generate the
proper NXDOMAIN answers.

Now, I should of course add a disclaimer: This was the observed
behaviour the way we configured it. We might have forgotten some
crucial part. Here are the relevant parts of the config before adding
a real DNS server in case anyone wants to verify it:

server virtual vs 148.x.x.69
  predictor round-robin
  port http
  port dns
  bind http real1 http real2 http real3 http real4 http

gslb policy
  round-trip-time tolerance 0
  round-trip-time cache-prefix 16
  round-trip-time cache-interval 1800
  dns ttl 60
  dns override
  dns cache-proxy

gslb site Site1
  si serveriron1 148.x.x.67

gslb site Site2
  si serveriron2 217.x.x.3

gslb dns zone glsb.example.com
  host-info null-host http
  host-info null-host ip-list 148.x.x.69 217.x.x.4

Bjørn