-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/18/2014 12:09 PM, Ulrich Windl wrote: > Hi! > > Did you read the bind manual pages about "sortlist"?
The official Bind 9 reference guide says: "The client resolver code should rearrange the RRs as appropriate, that is, using any addresses on the *local net* in preference to other addresses." That is exactly what I am experiencing :( Thanks for the pointer! > > Ulrich > >>>> Dennis Leeuw <[email protected]> schrieb am 18.02.2014 um >>>> 10:33 in > Nachricht <[email protected]>: Hi all, > > I hope I am on the right list for the problem I am experiencing. > > We have two subnets 192.168.196. 192.168.222. > > Our main LDAP servers run in 192.168.196. and are load-balanced by > round-robin DNS. The 192.168.196. network is exhausted, so we added > a new LDAP slave to 192.168.222. and added the IP address to the > round-robin pool. But it seems that it is only used by other > servers in the 192.168.222 network and not by servers in the > 192.168.196. network > > This setup has now been running for 6 days, with nscd.conf: > enable-cache hosts yes positive-time-to-live hosts > 3600 > negative-time-to-live hosts 20 suggested-size hosts > 211 > check-files hosts yes persistent hosts > yes shared hosts yes > max-db-size hosts 33554432 > > and nslcd.conf: uid nslcd gid ldap uri > ldap://ldap.div.ourdomain.nl/ base dc=div,dc=ourdomain,dc=nl ssl > no tls_cacertdir /etc/openldap/cacerts > > The LDAP server in the 192.168.222 range serves only 33 > connections all from the 192.168.222 range, and the 2 hosts in the > 192.168.196 range serve 599 and 706 connections. The last 2 servers > do serve the 143.121.222. network also. So might there be some > caching issue? > > $ getent ahost ldap.div.ourdomain.nl 192.168.196.190 STREAM > ldap.div.ourdomain.nl 192.168.196.190 DGRAM 192.168.196.190 RAW > 192.168.196.151 STREAM 192.168.196.151 DGRAM 192.168.196.151 RAW > 192.168.222.179 STREAM 192.168.222.179 DGRAM 192.168.222.179 RAW > > Is this the right list for this question? And if so can someone > help me understand what is going on? > > With kind regards, > > Dennis Leeuw > >> >> ------------------------------------------------------------------------------ >> >> >> De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is >> uitsluitend bestemd voor de geadresseerde. Indien u dit bericht >> onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken >> en de afzender direct te informeren door het bericht te >> retourneren. Het Universitair Medisch Centrum Utrecht is een >> publiekrechtelijke rechtspersoon in de zin van de W.H.W. (Wet >> Hoger Onderwijs en Wetenschappelijk Onderzoek) en staat >> geregistreerd bij de Kamer van Koophandel voor Midden-Nederland >> onder nr. 30244197. >> >> Denk s.v.p aan het milieu voor u deze e-mail afdrukt. >> >> ------------------------------------------------------------------------------ >> >> >> This message may contain confidential information and is intended >> exclusively for the addressee. If you receive this message >> unintentionally, please do not use the contents but notify the >> sender immediately by return e-mail. University Medical Center >> Utrecht is a legal person by public law and is registered at the >> Chamber of Commerce for Midden-Nederland under no. 30244197. >> >> Please consider the environment before printing this e-mail. > > > - -- ICT Medewerker Divisie Biomedische Genetica UMC Utrecht Heidelberglaan 100 STR2.126 3584 CX Utrecht The Netherlands 06 27744048 intern: 64048 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTA09oAAoJEMVYYpdbQsco7aEIAKseWCH9bnzpIKssAkQLIH26 yDjB7Ypj+Mog3QB9vk8GCLrfTJN60biJjwVE1OeONcq3dVM1NSwwxyy490tjtG+s t0e5dQvLPEgTQbefLZZ+xXQzKi4d2pdesJv0MRbWsVJs/OApAmkvg/N0eDEvzDDq s5n/VJQeEY82N/gWKe5ukX0ePJZAbubAtB0aGesqAgoSZyfQ76WEF79x5FOPGPth iwvPSOW61xKwVyY8aeuezfXI0C+YfkU1g8YW7TP/80P74MK+SdzkbPVDfyu2oZ8a w2bShRSH4BcZJsKvxxAHXpP81OJ6V3YwWtQFPu5Qvz/8rW3PRMCef3YoCOgYl/8= =KchD -----END PGP SIGNATURE-----
