i have another question. during domain registration, the registrant has the option of putting in a number of dns servers: primary, secondary, tertiary, etc...
based on the explanation, this is not the order of priority but just a number of dns servers that may be used to resolve the domain. right?
thanks.
From: Hagibis Fan <[EMAIL PROTECTED]>
Reply-To: Philippine Linux Users Group Mailing List <[EMAIL PROTECTED]>
To: Philippine Linux Users Group Mailing List <[EMAIL PROTECTED]>
Subject: Re: [plug] dns and multiple ns entries
Date: 03 Jul 2003 23:01:06 -0400
hi.. can't resist posting again so here goes:
From Mr. DNS himself (here's a google mirror: http://216.239.39.100/search?q=cache:U5YxzIvoS94J:www.acmebw.com/askmrdns/archive.php%3Fcategory%3D83%26question%3D3+ask+mr+dns+mirror&hl=en&ie=UTF-8):
---------
" The querying name server calculates and stores a round trip time (RTT) for each name server for a zone (i.e., for each NS record). The RTT is the time--in milliseconds--that it takes that name server to respond to queries. When faced with multiple sources of information about a zone in the form of multiple NS records, the querying name server asks the name server with the lowest RTT. In the case of a tie, it picks among them at random. After a name server is queried, the querying name server updates its RTT.......... So to answer your question, it isn't just the primary master who is consulted--all the authoritative name servers for a zone are consulted by other name servers. A querying name server will eventually favor the authoritative name server which responds the fastest. "
----------
From the info on that link, seems what you want to do is tough to do--but even IF you could, my point was that your zone records will be cached on your client's ISP's DNS server anyway so he will consult that first before his ISP queries you (at least until the TTL is timed out). so basically even if your server is down, the client dns query won't even notice that your server is down, most of the time.
what's missing in the discussion here in the mailing list is that the users query their ISP's DNS servers, not yours. Whatever's cached in there will be sent back to the users without even contacting you again.
you might do it with listing only your desired NS record, but let me share my argument with my friend who i'm maintaining the DNS record for: he wants to list only one NS record and repoint NS record to another name server when the primary machine goes down. I didn't give---for one, we'd have a problem with one TTL setting that we can't control---the root (top level DNS) server's TTL settings. even if we changed our NS servers thru our registrar, the changes will take next day at the least and that'd be too late.
However if you're redirecting just subdomains (3rd level & below) one good option is to give a low TTL and change that whenever you want. Clients will be forced to refresh with the low TTL, so you got a chance there, i mean listing only the NS records you want and changing them. Client would then notice every hour or so (or whatever TTL you give).
(disclaimer: i have only 3 servers i maintain dns for (about 10 domains) so my view might be limited...welcome for criticisms)
jondz
On Thu, 2003-07-03 at 20:09, Ronald Warner wrote:
> i would like to control what dns server the client contacts. let's say we
> have two dns servers in our organization, a primary and a secondary dns
> server and our isps were kind enough to host our zone files in their dns
> server.
>
> what i would like to know is if we can have the clients contact the
> organization's primary and secondary dns server instead of the isps' dns
> server. the isps' dns server will only be contacted if both the primary and
> secondary dns servers are down.
>
> from this thread, by default all dns servers are equal and are contacted by
> clients based on which dns server is "near". so, there is no way of
> changing this?
>
> thanks.
>
>
> >From: Pong <[EMAIL PROTECTED]>
> >Reply-To: Philippine Linux Users Group Mailing List
> ><[EMAIL PROTECTED]>
> >To: Philippine Linux Users Group Mailing List <[EMAIL PROTECTED]>
> >Subject: Re: [plug] dns and multiple ns entries
> >Date: Thu, 3 Jul 2003 14:55:02 +0800 (PHT)
> >
> >
> >cool down man. you're speeding off right away =)
> >just re-read the original post:
> >
> >---ORIGINAL POST---
> >1. what is the priority of the ns that is given to the client? is it the
> >first ns and if it fails it goes to the second? is it round-robin?
> >2. is there any way of controlling this?
> >---END---
> >
> >i got the feeling that the poster wanted to control which of his
> >servers will answer dns request most of the time and do not want to be
> >under the mercy of the client's querying algorithms/preference.
> >
> >On 3 Jul 2003, Hagibis Fan wrote:
> > > sure all these may work..but my $0.2 is: why???
> > > the point of having multiple DNS servers
> > > is to spread zone info on as wide as possible;
> > > they should also contain IDENTICAL information
> > > (one master and all the other slaves loading
> > > on the master).
> >
> >no issue here. we are not trying to defeat DNS
> >itself. that all NS servers have identical info
> >is a given.
> >
> > > so for
> > > 2 IPs on the same machine is kinda pointless
> > > since they'll go down the same way. I'd spread
> > > DNS servers as far apart as I can (different
> > > computer, different network segment, different
> > > country!). so anyway it shouldn't matter which
> > > dns server gets priority, they should contain
> > > the same info!
> >
> >the purpose of multiple IPs is to simply increase
> >round-robin hit rate probability for a preferred server.
> >IT is NOT to increase uptime.
> >
> >the downside to this is that "dead spot" hit rate
> >also increases if the preferred server goes down and it
> >is totally useless for clients not doing round-robin-->
> >which brings us to udp-proxying with failover solution.
> >
> >
> > > PLUS, all the other nameservers
> > > cache your info already anyway (the client's
> > > ISP's name servers WILL HAVE your zone info
> > > and WILL STAY on their cache as per your
> > > Zone's TTL values...so why bother to cache
> > > it..
> > >
> > > so anyway i don't know what the original poster
> > > wanted to do.....it's rare that one has like a hundred
> > > zones so why load balance it (if load balancing
> > > is the objective)--
> > >
> >
> >udp-proxy+failover with DNS: so that you can make
> >the preferred machine serve most queries during its uptime
> >no matter what algo the client is using
> >without the nasty side-effect of introducing an increased dead-spot
> >hit rate during its downtimes.
> >
> >load-balancing was just optional because most L4 hardware
> >offer it for orgs with hundreds of zones or for DOS protection.
> >
> >I'll hit the brakes here. =)
> >
> >pong
> >
> >--
> >Philippine Linux Users' Group (PLUG) Mailing List
> >[EMAIL PROTECTED] (#PLUG @ irc.free.net.ph)
> >Official Website: http://plug.linux.org.ph
> >Searchable Archives: http://marc.free.net.ph
> >.
> >To leave, go to http://lists.q-linux.com/mailman/listinfo/plug
> >.
> >Are you a Linux newbie? To join the newbie list, go to
> >http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
>
--
Hagibis Fan <[EMAIL PROTECTED]>
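
The selection rule in the Mr. DNS quote above (lowest stored RTT wins, ties broken at random, RTT updated after each query), as an added simulation that is not part of any poster's message. The server names, latencies, and the timeout penalty are constructed assumptions, and the model covers only the quoted rule: it does not age stored RTTs or model caching by TTL.

```python
import random

TIMEOUT_MS = 2000  # assumed RTT recorded when a server does not answer


class RttSelector:
    """Querying name server's view of one zone's NS set (hypothetical model)."""

    def __init__(self, servers, rng=None):
        # Every listed NS starts with no measurement, so all are tied.
        self.rtt = {name: 0.0 for name in servers}
        self.rng = rng or random.Random()

    def pick(self):
        # Ask the server with the lowest stored RTT; break ties at random.
        best = min(self.rtt.values())
        tied = [s for s, r in self.rtt.items() if r == best]
        return self.rng.choice(tied)

    def record(self, server, measured_ms):
        # After a query, the stored RTT for that server is updated.
        self.rtt[server] = measured_ms


def simulate(latency_ms, queries, down=(), seed=1):
    """Return how many queries each server received.

    latency_ms: {server: round-trip time in ms} in listing order
    down:       servers that never answer (recorded as TIMEOUT_MS)
    """
    selector = RttSelector(latency_ms, random.Random(seed))
    hits = {s: 0 for s in latency_ms}
    for _ in range(queries):
        server = selector.pick()
        hits[server] += 1
        selector.record(server, TIMEOUT_MS if server in down else latency_ms[server])
    return hits


# Constructed sample zone: "primary" listed first but not the fastest.
ZONE = {"ns1.example": 80, "ns2.example": 20, "ns3.example": 150}

if __name__ == "__main__":
    print("all up:       ", simulate(ZONE, 100))
    print("reversed list:", simulate(dict(reversed(list(ZONE.items()))), 100))
    print("ns2 down:     ", simulate(ZONE, 100, down={"ns2.example"}))
```

Each server is tried once while it is unmeasured, after which the fastest one takes every query regardless of where it appears in the list; with that server down, the next-fastest takes over after a single timed-out query.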
