On Fri, Jan 31, 2025 at 5:42 PM Brian J. Murrell via FreeIPA-users < [email protected]> wrote: > > Is there any supported configuration that instructs a slave replica to > first forward DNS queries to the master replica's DNS server and only > if it is down, to try to resolve recursively on it's own? >
I don't think there is a setting to do what you want to do. With what can be done, I don't think you would gain anything with a setting like that, as the replica would be recursing through the other server, actually increasing the load on your deployment (both servers will act on the same request). > The goal here is to leverage the cache of the master replica to reduce > outbound queries from the slave replica. > > Ultimately, I want the slave replica to be as quiet/unloaded as > possible and only really be used in the case of the master replica > being down, if that helps the context any. > > This is for a small slave host in a very small network -- one where > even a single replica is more than enough to satisfy the clients, but > just looking to add redundancy and major version O/S upgrade paths > (since FreeIPA cannot do in-place upgrades on EL and must use a replica > to replicate from one the O/S major version upgrade is done -- assuming > that is still the state of FreeIPA's in-place upgrade limitations -- on > EL8 at least). > As you are talking about a small network (and I'm thinking really small here) I don't see much gain in what you are trying to do. This might affect clients which may have to contact both name servers, may cause service disruption and for this small network are DNS requests really increasing much load on the servers? I have very small nameservers (actually DNS sinks, not FreeIPA servers) on my "very tiny" network and the load on them(6000 to 7000 queries/day), due to DNS requests, is almost negligible. All that said, if you use DHCP to configure the nameservers, and if you have a short lease time, you may try to change DHCP configuration to "hide" one of the nameservers during the time you want to reduce load on it. Rafael > Cheers, > b. > > -- > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue -- Rafael Guterres Jeffman Senior Software Engineer FreeIPA - Red Hat
-- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
