>>
Correct. Try $> nslookup snap.com . You get:
206.132.166.65, 206.132.166.66, 206.132.166.61,
206.132.166.62, 206.132.166.63, 206.132.166.64
This may not be round robin'd, but that's what you get
when you lookup a name that is round robin'd.
<<
Right, it may not be round-robined. You need to try another query to see if you
get the addresses in a different order.
>>
Each request would (ideally) receive a
different address, but it depends on the TTL you specify
for the A records (see below):
When setting up a round robin scheme (on Unix, at least)
you need to give a TTL for each A record that is very
small. Basically, this tells the server to shuffle the
record often (ideally, every lookup gets a different
address). Here's how I set up the DNS entries (BIND 8):
www.foo.com. 1 IN A 192.168.0.1
www.foo.com. 1 IN A 192.168.0.2
www.foo.com. 1 IN A 192.168.0.3
www.foo.com. 1 IN A 192.168.0.4
...
The TTL of 1 sec in the A record portion basically
changes the returned address every second.
<<
The TTL has (almost) nothing to do with round robin. I have the TTL set to a
week, and I still get different answers with each query. The only effect the
TTL can have is that it controls how long non-authoritative nameservers (NAN)
will cache the answer. If the NAN does round robin itself, it will still rotate
the order of the answers in each response (regardless of whether the server that
it originally got the answer from does round robin). If the NAN doesn't do
round robin, a short TTL will force it to retrieve the answer from another
server, which might give the addresses in a new order. So a short TTL can
provide a benefit in this case (but of course it causes the authoritative
nameservers to be hit much more often by requests).
The TTL on the microsoft.com query that I included in my earlier response to
Tally is 15 minutes. This is a fairly short time to use (most folks use at
least an hour); I suspect they use that value to reduce the effect of outages -
servers that are down will only have their addresses used (assuming MS removes
their address from the master nameserver when they go down) for 15 minutes. But
again, the TTL has little relationship to the effects of round robin.
(The behavior of nameservers I've described is not always followed by other
entities that may cache DNS answers. The resolvers on client machines don't
cache answers, but some client applications do. Netscape, for example, appears
to; what's more, it appears to not do any round robin, and it ignores the TTL.
You have to restart Netscape to get it to use a different server address.)
>>
The order in which you get addresses in response to
successive requests (i.e. ping www.foo.com) seems to be
random; you don't get .1 then .2 then .3 then .4.
<<
It is not random. nslookup will show what answers and order the nameserver is
providing. Successive queries would give 1,2,3,4, then 2,3,4,1, then 3,4,1,2,
etc. But for you to see this, you must be the only one querying that nameserver
for this name.
Tony Rall
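
Added example, not part of the original message: a simplified Python model of the behavior described above, using the www.foo.com addresses quoted in the thread. The class and function names are hypothetical, and the model assumes a single client and strictly cyclic rotation wherever a server rotates.

```python
from collections import deque

# A records from the thread's www.foo.com example; everything else is a model.
ADDRS = ["192.168.0.1", "192.168.0.2", "192.168.0.3", "192.168.0.4"]
WEEK = 7 * 24 * 3600

class Authoritative:
    """Hypothetical model of an authoritative server doing cyclic round robin."""
    def __init__(self, addrs, ttl):
        self.rrset, self.ttl, self.hits = deque(addrs), ttl, 0

    def query(self):
        self.hits += 1
        answer = list(self.rrset)
        self.rrset.rotate(-1)          # next answer starts one record later
        return answer, self.ttl

class CachingServer:
    """Hypothetical model of a non-authoritative nameserver (NAN)."""
    def __init__(self, upstream, rotates):
        self.upstream, self.rotates = upstream, rotates
        self.cached, self.expires = None, 0

    def query(self, now):
        if self.cached is None or now >= self.expires:   # TTL ran out: refetch
            answer, ttl = self.upstream.query()
            self.cached, self.expires = deque(answer), now + ttl
        answer = list(self.cached)
        if self.rotates:               # a rotating NAN reorders its cached copy
            self.cached.rotate(-1)
        return answer

def first_addresses(ttl, rotates, seconds=6):
    """One client querying once per second: (last octet of first address, upstream hits)."""
    auth = Authoritative(ADDRS, ttl)
    nan = CachingServer(auth, rotates)
    firsts = [nan.query(t)[0].rsplit(".", 1)[1] for t in range(seconds)]
    return firsts, auth.hits

if __name__ == "__main__":
    for label, ttl, rotates in [("week TTL, NAN rotates", WEEK, True),
                                ("week TTL, NAN does not rotate", WEEK, False),
                                ("1 s TTL, NAN does not rotate", 1, False)]:
        print(label, *first_addresses(ttl, rotates))
```

In this model the rotating cache with a one-week TTL and the non-rotating cache with a 1-second TTL hand the client the same sequence of first addresses, but the second case queries the authoritative server six times instead of once.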