Re: Software DNS hghi availability and load balancer solution [SEC=UNCLASSIFIED]
On Wed, 19 Jan 2011, Wilkinson, Alex wrote: freebsd + varnish + carp (http://www.openbsd.org/faq/pf/carp.html) two of the three won't work @ EC2 (for my purposes, no idea about the original poster - but he did ask about DNS based solutions so I suspect he's in a similar boat) -- david raistrickhttp://www.netmeister.org/news/learn2quote.html dr...@icantclick.org http://www.expita.com/nomime.html
Re: Software DNS hghi availability and load balancer solution
On Tue, 18 Jan 2011, Jay Reitz wrote: gdnsd is very robust and fast and has an interface that a networking engineer won't mind. It comes with a geolocation plugin with health-check failover via HTTP. http://code.google.com/p/gdnsd/ Thanks Jay, that looks like a good option - I like single-focus-software for things like this. ;) -- david raistrickhttp://www.netmeister.org/news/learn2quote.html dr...@icantclick.org http://www.expita.com/nomime.html
Re: Software DNS hghi availability and load balancer solution
On 01/18/2011 07:42 AM, Sergey Voropaev wrote: Does any one know software sollutions (free is preferable) like as cisco GSS and F5 BIG-IP? The main point is that DNS-server (or dns server plugin) must be able to monitor server availability (for example by TCP connect) and from DNS-reply depends on it. I know that it is possible by BIND with set of script. But we are trying to find more usable solution with frendly interface. Thanks a lot. If you want to get fancy you could try an Anycast DNS setup, using GNU's Zebra tool to automatically alter routing tables. http://www.netlinxinc.com/netlinx-blog/45-dns/118-introduction-to-anycast-dns.html You wouldn't use Zebra; it isn't actively developed anymore and has not been updated in many years. Use Quagga instead, which is the community-based offshoot. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Re: Software DNS hghi availability and load balancer solution
On 2011-01-19, at 08:17, Joe Greco wrote: You wouldn't use Zebra; it isn't actively developed anymore and has not been updated in many years. Use Quagga instead, which is the community-based offshoot. I don't think this is what the original post was asking about, but for the sake of completeness other alternatives to Zebra/Quagga (when using BGP between anycast origin servers and adjacent routers, e.g. with multipath configured on the routers) are OpenBGPd and BIRD. See earlier suggestions for bedtime reading, also: http://www.merit.edu/mail.archives/nanog/msg06970.html. Joe
Re: Software DNS hghi availability and load balancer solution
Am 19.01.11 01:01, schrieb david raistrick: On 01/18/2011 09:42 AM, Sergey Voropaev wrote: Does any one know software sollutions (free is preferable) like as cisco GSS and F5 BIG-IP? The main point is that DNS-server (or dns server plugin) must be able to monitor server availability (for example by TCP connect) and from DNS-reply depends on it. On Tue, 18 Jan 2011, Charles N Wyble wrote: Ha-proxy and linux virtual server are popular packages. Neither of these do DNS. He asked about DNS based loadbalancing (also known as GSLB, among other things) software packages haproxy doesnt, lvs works for dns very well, take a look at keepalived (www.keepalived.org). it supports lvs + vrrp. -- david raistrick http://www.netmeister.org/news/learn2quote.html dr...@icantclick.org http://www.expita.com/nomime.html
Software DNS hghi availability and load balancer solution
Does any one know software sollutions (free is preferable) like as cisco GSS and F5 BIG-IP? The main point is that DNS-server (or dns server plugin) must be able to monitor server availability (for example by TCP connect) and from DNS-reply depends on it. I know that it is possible by BIND with set of script. But we are trying to find more usable solution with frendly interface. Thanks a lot.
Re: Software DNS hghi availability and load balancer solution
On 1/18/2011 11:42 AM, Sergey Voropaev wrote: I know that it is possible by BIND with set of script. But we are trying to find more usable solution with frendly interface. I think powerdns is more flexible in this regard. Not sure about a friendly interface, though. Jack
Re: Software DNS hghi availability and load balancer solution
On Tue, Jan 18, 2011 at 12:42 PM, Sergey Voropaev serge.devo...@gmail.com wrote: Does any one know software sollutions (free is preferable) like as cisco GSS and F5 BIG-IP? The main point is that DNS-server (or dns server plugin) must be able to monitor server availability (for example by TCP connect) and from DNS-reply depends on it. Sergey, I have no suggestions that directly answer your question. I'd write a script against bind myself. But if you're trying to fail over a web server, you're walking into a nasty trap. DNS pinning obstructs web browsers from finding a server on an alternate IP address regardless of the DNS TTL. The core issue is that allowing a browser running javascript to connect to a server other than the one from which the script came is a gigantic security hole. Someone realized you could do that by changing the IP address the host name pointed to, so now there's a convoluted and not entirely standardized set of rules for when and whether the browser allows it. Net result is that in some cases a user's long-running browser will indefinitely ignore the change you made to the DNS. I've seen such things persist for months. For better or for worse, the way you -reliably- fail over a web server is with routing and middleboxes like a load balancer. Regards, Bill Herrin -- William D. Herrin her...@dirtside.com b...@herrin.us 3005 Crane Dr. .. Web: http://bill.herrin.us/ Falls Church, VA 22042-3004
Re: Software DNS hghi availability and load balancer solution
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Am 18.01.11 19:31, schrieb Jack Bates: On 1/18/2011 11:42 AM, Sergey Voropaev wrote: I know that it is possible by BIND with set of script. But we are trying to find more usable solution with frendly interface. I think powerdns is more flexible in this regard. Not sure about a friendly interface, though. Jack for powerdns exists also an user interface poweradmin. Marco -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJNNeLeAAoJEN9yMHEBd2HnQ4MIAKJNX1jKpU+ps3GpXee6IUcH 1TlPlfGHVFK89P/y3LFBC85QYM/71aRW/KlmxehpwluOUDl0BzqqElweqQOT9+nz 8nDQVYRpLQQ1OogAVqKoBE4Ij2mtNzTd2ulaATxnWuwPA23lnUxzWMFo2xjqE+30 poUhKLWQIcYcoW2zgjizN6n+llylOLfcrTx/enCMxiVXr/vBIWFue+AiTanGPBGZ W0lAH0Fr9wx40Ys4ls4cykQ23RUEvrSS5Gj3s5u6m6XJfn/AspE74afCi7FVETgI BBAMnkpqJYcRwdfhw9zhU6cTZM3pzHdJIS77lFGKYGNUZ3FzjsEo7tIG3sEn8Ls= =vwpM -END PGP SIGNATURE-
Re: Software DNS hghi availability and load balancer solution
Having hit these issues myself, I heavily recommend a real frontend proxy like nginx or varnish. On 01/18/2011 12:45 PM, William Herrin wrote: On Tue, Jan 18, 2011 at 12:42 PM, Sergey Voropaev serge.devo...@gmail.com wrote: Does any one know software sollutions (free is preferable) like as cisco GSS and F5 BIG-IP? The main point is that DNS-server (or dns server plugin) must be able to monitor server availability (for example by TCP connect) and from DNS-reply depends on it. Sergey, I have no suggestions that directly answer your question. I'd write a script against bind myself. But if you're trying to fail over a web server, you're walking into a nasty trap. DNS pinning obstructs web browsers from finding a server on an alternate IP address regardless of the DNS TTL. The core issue is that allowing a browser running javascript to connect to a server other than the one from which the script came is a gigantic security hole. Someone realized you could do that by changing the IP address the host name pointed to, so now there's a convoluted and not entirely standardized set of rules for when and whether the browser allows it. Net result is that in some cases a user's long-running browser will indefinitely ignore the change you made to the DNS. I've seen such things persist for months. For better or for worse, the way you -reliably- fail over a web server is with routing and middleboxes like a load balancer. Regards, Bill Herrin
Re: Software DNS hghi availability and load balancer solution
Message: 7 Date: Tue, 18 Jan 2011 12:31:32 -0600 From: Jack Bates jba...@brightok.net Subject: Re: Software DNS hghi availability and load balancer solution To: Sergey Voropaev serge.devo...@gmail.com Cc: NANOG list nanog@nanog.org Message-ID: 4d35dc84.8020...@brightok.net Content-Type: text/plain; charset=ISO-8859-1; format=flowed On 1/18/2011 11:42 AM, Sergey Voropaev wrote: I know that it is possible by BIND with set of script. But we are trying to find more usable solution with frendly interface. I think powerdns is more flexible in this regard. Not sure about a friendly interface, though. Jack I find Poweradmin quite usable. See https://www.poweradmin.org/trac/ for details. -Christopher Hunt
Re: Software DNS hghi availability and load balancer solution
On Tue, 18 Jan 2011, William Herrin wrote: Net result is that in some cases a user's long-running browser will indefinitely ignore the change you made to the DNS. I've seen such things persist for months. Do you have any recent evidence to support this? The what-browsers-do-with-what world changes daily... and my understanding is that a lot of these things that used to be problems have been changed. For better or for worse, the way you -reliably- fail over a web server is with routing and middleboxes like a load balancer. Alas, sometimes that's just not possible - try doing that @ EC2, for example (which is why I've recently been on the hunt for GSLB solutions that don't involve appliances...). -- david raistrickhttp://www.netmeister.org/news/learn2quote.html dr...@icantclick.org http://www.expita.com/nomime.html
Re: Software DNS hghi availability and load balancer solution
On Tue, 18 Jan 2011, Rhys Rhaven wrote: Having hit these issues myself, I heavily recommend a real frontend proxy like nginx or varnish. A frontend proxy (nginx, varnish, haproxy, or anything else) doesnt give you HA any more than any other loadbalancer solution does. You need a way to send traffic to another frontend server when the primary frontend server fails, or is overloaded, transparently. The tools we have available these days to do this are VRRP-like solutions (which all of the appliances use) that use multicast, some amount of NAT and routing magic (which I've often not seen done sanely), or DNS solutions (better known as GSLB) that dynamicly change the DNS responses depending on conditions (which could be source location, or could be server availability, or whatever). Normally, VRRP would be the way to go. But these days multicast isn't supported everywhere (major example - Amazon EC2), leaving DNS... -- david raistrickhttp://www.netmeister.org/news/learn2quote.html dr...@icantclick.org http://www.expita.com/nomime.html
Re: Software DNS hghi availability and load balancer solution
On 1/18/2011 1:42 PM, david raistrick wrote: Normally, VRRP would be the way to go. But these days multicast isn't supported everywhere (major example - Amazon EC2), leaving DNS... Many HA environments use both, and F5 is designed to do both, supporting DNS tricks (of which, you could possibly run host based monitoring and dynamic updates to accomplish), anycast routing, and vrrp-like DSR/NAT load balancing. Jack
Re: Software DNS hghi availability and load balancer solution
On Tue, 18 Jan 2011, Jack Bates wrote: On 1/18/2011 1:42 PM, david raistrick wrote: Normally, VRRP would be the way to go. But these days multicast isn't supported everywhere (major example - Amazon EC2), leaving DNS... Many HA environments use both, and F5 is designed to do both, supporting DNS tricks (of which, you could possibly run host based monitoring and dynamic updates to accomplish), anycast routing, and vrrp-like DSR/NAT load balancing. Agreed. But sometimes you can't do both. ;) Now if F5 would sell me an appliance that runs their GSLB code I could run @ EC2. ;) -- david raistrickhttp://www.netmeister.org/news/learn2quote.html dr...@icantclick.org http://www.expita.com/nomime.html
Re: Software DNS hghi availability and load balancer solution
On Tue, Jan 18, 2011 at 3:49 PM, Dorn Hetzel d...@hetzel.org wrote: If it wouldn't be too ugly, could this be circumvented by having the web application continually do its next operation against an incrementing subhost name like syymmddhhmmss or snnn.www.foo.com in order to convince the local browser and client os to do a fresh lookup? Hi Dorn, There's an efficiency problem where you can no longer pipeline http requests and have to delay every http request while a DNS lookup happens. Also it'd probably crush your google pagerank. And you still wouldn't get around the javascript in your web 2.0 pages needing to go back to the same server name it came from in order to update the content on those pages. The custom name strategy does have some other really neat applications though. You can track a session without setting a cookie. And consider a large email system: suppose you encode the account name in the server name and then point that encoded name to the server which actually holds that user's account? You can eliminate the expensive front-end that multiplexes user access to the backend servers. Regards, Bill Herrin -- William D. Herrin her...@dirtside.com b...@herrin.us 3005 Crane Dr. .. Web: http://bill.herrin.us/ Falls Church, VA 22042-3004
Re: Software DNS hghi availability and load balancer solution
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ha-proxy and linux virtual server are popular packages. On 01/18/2011 09:42 AM, Sergey Voropaev wrote: Does any one know software sollutions (free is preferable) like as cisco GSS and F5 BIG-IP? The main point is that DNS-server (or dns server plugin) must be able to monitor server availability (for example by TCP connect) and from DNS-reply depends on it. I know that it is possible by BIND with set of script. But we are trying to find more usable solution with frendly interface. Thanks a lot. - -- Charles N Wyble (char...@knownelement.com) Systems craftsman for the stars http://www.knownelement.com Mobile: 626 539 4344 Office: 310 929 8793 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJNNiivAAoJEMvvG/TyLEAtnnIQAIYceJh4o1HdFqg0sEc7wBmH W6JejIsI/mrOXaODXLrLjsEuAqGMB9F0For8o3ZTXshnPFldbOcKedAgg0xvZNN6 YlKvvfrrqjRJbIa9ZgeJ9Tqe7/HMPDXWtfxWjzdVIlQE9xuIMIZVZ7F9HHyLfUwU eyWrfEWqjWFlDGSUOqQzlNGt0QoGSEataRNjQX4S4juEmPxN6L+owAvK3dbO61ff 74Nt+KNLBqycbGOcGdiyAIt18GDrR7T35S2hoJ/igcF22Ik76d3pJQNKPgR7dXY6 RPaEftL4W5Kyabhmi6KsBreyeIEqPKq1J9xLlsgujnqHwIw9M/dr+yuVwPGnxiqU f72TreyrLL2ctqX/VrlJWLUdSNQ8YaHmdUVWOrN8STc922AGc3gnpBWrc4GsR3pj d1839gYtgP5niqeMaEw+k/089G9YuIdDETW2a64AFYsa0p/DUy11Zco30ioDuymo UYtJ6X+arJuoD2QtO7onDb0kI3HnzR7xsGyV14KuglSlXF4D3PtveaETEHAWLefr L3uC+WhDZWkaZJKmA60UAiRP0tRbQYEzoCYKEOdS324odeLmnfvNQhzhiEfuABQq quHBhnHjNNr+V9AT10VSd3jXmOoa0oZnuJyD6v94MqzX/M8/TDgvCi8awxXapVpa 2/ldrIuwMeTJBrgamMmm =UzNz -END PGP SIGNATURE-
Re: Software DNS hghi availability and load balancer solution
On 01/18/2011 09:42 AM, Sergey Voropaev wrote: Does any one know software sollutions (free is preferable) like as cisco GSS and F5 BIG-IP? The main point is that DNS-server (or dns server plugin) must be able to monitor server availability (for example by TCP connect) and from DNS-reply depends on it. On Tue, 18 Jan 2011, Charles N Wyble wrote: Ha-proxy and linux virtual server are popular packages. Neither of these do DNS. He asked about DNS based loadbalancing (also known as GSLB, among other things) software packages -- david raistrickhttp://www.netmeister.org/news/learn2quote.html dr...@icantclick.org http://www.expita.com/nomime.html
Re: Software DNS hghi availability and load balancer solution
Hi Guys, First time post so please excuse. * * I think you can get a free Citrix NetScaler virtual applicance (VPX) that will do this with GSLB. other then that PowerDNS has a very good geolocation plugin, so they may also have an availabiliy plugin for checks... * * I am also looking for a combined open source geolocation and availability checking DNS Platform. * * Gary On 18 January 2011 23:56, Charles N Wyble char...@knownelement.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ha-proxy and linux virtual server are popular packages. On 01/18/2011 09:42 AM, Sergey Voropaev wrote: Does any one know software sollutions (free is preferable) like as cisco GSS and F5 BIG-IP? The main point is that DNS-server (or dns server plugin) must be able to monitor server availability (for example by TCP connect) and from DNS-reply depends on it. I know that it is possible by BIND with set of script. But we are trying to find more usable solution with frendly interface. Thanks a lot. - -- Charles N Wyble (char...@knownelement.com) Systems craftsman for the stars http://www.knownelement.com Mobile: 626 539 4344 Office: 310 929 8793 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJNNiivAAoJEMvvG/TyLEAtnnIQAIYceJh4o1HdFqg0sEc7wBmH W6JejIsI/mrOXaODXLrLjsEuAqGMB9F0For8o3ZTXshnPFldbOcKedAgg0xvZNN6 YlKvvfrrqjRJbIa9ZgeJ9Tqe7/HMPDXWtfxWjzdVIlQE9xuIMIZVZ7F9HHyLfUwU eyWrfEWqjWFlDGSUOqQzlNGt0QoGSEataRNjQX4S4juEmPxN6L+owAvK3dbO61ff 74Nt+KNLBqycbGOcGdiyAIt18GDrR7T35S2hoJ/igcF22Ik76d3pJQNKPgR7dXY6 RPaEftL4W5Kyabhmi6KsBreyeIEqPKq1J9xLlsgujnqHwIw9M/dr+yuVwPGnxiqU f72TreyrLL2ctqX/VrlJWLUdSNQ8YaHmdUVWOrN8STc922AGc3gnpBWrc4GsR3pj d1839gYtgP5niqeMaEw+k/089G9YuIdDETW2a64AFYsa0p/DUy11Zco30ioDuymo UYtJ6X+arJuoD2QtO7onDb0kI3HnzR7xsGyV14KuglSlXF4D3PtveaETEHAWLefr L3uC+WhDZWkaZJKmA60UAiRP0tRbQYEzoCYKEOdS324odeLmnfvNQhzhiEfuABQq quHBhnHjNNr+V9AT10VSd3jXmOoa0oZnuJyD6v94MqzX/M8/TDgvCi8awxXapVpa 2/ldrIuwMeTJBrgamMmm =UzNz -END PGP SIGNATURE-
Re: Software DNS hghi availability and load balancer solution
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/18/2011 04:01 PM, david raistrick wrote: On 01/18/2011 09:42 AM, Sergey Voropaev wrote: Does any one know software sollutions (free is preferable) like as cisco GSS and F5 BIG-IP? The main point is that DNS-server (or dns server plugin) must be able to monitor server availability (for example by TCP connect) and from DNS-reply depends on it. On Tue, 18 Jan 2011, Charles N Wyble wrote: Ha-proxy and linux virtual server are popular packages. Neither of these do DNS. What does that mean? Load balance DNS lookups across multiple servers? Or use DNS to load balance? I've never setup a load balancer for DNS before. Always just had one server and moved the VM in event of failure/maintenance. He asked about DNS based loadbalancing (also known as GSLB, among other things) software packages Ah. DNS based load balancing. I've heard good things about powerdns for that. - -- Charles N Wyble (char...@knownelement.com) Systems craftsman for the stars http://www.knownelement.com Mobile: 626 539 4344 Office: 310 929 8793 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJNNjK6AAoJEMvvG/TyLEAtT1gQALYOb8mYK8llulRAikXo0Nij nTaBSq8Bj/DnTA85iZpa1MZ0WCQY6ofXnOjvvfUvqM3idFzQC4I5R/gPgPgZrfYg ZKZFuaEIiqT0zMzufzM4rAZk96zH/BkgcXK0M7foS1vLijxWCo06Ba2Srga1Uawo JpZXp2WZILZc1VRCdvxBioU3UHWSdjiDjVZ9p+uMXTDjh/O7VpPNh4LhP0fdfY/P K/WMpTTm8djCyTuzgnx0KXucjp7uqmdy+7LrvROQ67avqcooDzM7P8amw8OI+SyC Y2ipe7iHREenH1Cr9V8bABUn3qJuHwEgQxObu5SS+mZsCH3YpjCsog3j9TWpwNZd 34Jm+/viYCxEYvPM9j2r3ABJPGsQQcjbkE1mGqEKxsWSNIss9wTuqDDofc0JfnN/ GkZpZZLjpxdA7DCV1gioaVVhUNPELg/qSM/3DfVnW1EA24PIyfLOeZcwC9jHS0X/ DjgnjpktoFu1gVIZTKf4jOGEqdbympYabr/NhYRSKrA1uLJUOHAHN47QJonP5CkI YuEPM3uEmmO5/S2C1gKYKa3hHFQpfMcqjSwdGnCrcJ/G+j6PyU/YmTOy+2RMJI6A UKgP1IK7hYeBScPB/qibfkgNeakBjg+WIO3djps7lqxR2QSUzK6qIqQSGeK1euxt GqK3Q9I7rh+tDEtA3t4Y =PTkN -END PGP SIGNATURE-
Re: Software DNS hghi availability and load balancer solution
What does that mean? Load balance DNS lookups across multiple servers? Or use DNS to load balance? I've never setup a load balancer for DNS before. Always just had one server and moved the VM in event of failure/maintenance. * * I think using DNS to load balance is what was meant, PowerDNS can do this, but most DNS servers can to basic load balancing/round robin (it will just give out a different/multiple A Records each time. I've done this with bind and Microsoft before. PowerDNS has an awsome geolocation plugin, and that probably can be tied to a check to see if the IP is up so it's actually checking the status of IPs to make it more automated. Gary On 19 January 2011 00:39, Charles N Wyble char...@knownelement.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/18/2011 04:01 PM, david raistrick wrote: On 01/18/2011 09:42 AM, Sergey Voropaev wrote: Does any one know software sollutions (free is preferable) like as cisco GSS and F5 BIG-IP? The main point is that DNS-server (or dns server plugin) must be able to monitor server availability (for example by TCP connect) and from DNS-reply depends on it. On Tue, 18 Jan 2011, Charles N Wyble wrote: Ha-proxy and linux virtual server are popular packages. Neither of these do DNS. What does that mean? Load balance DNS lookups across multiple servers? Or use DNS to load balance? I've never setup a load balancer for DNS before. Always just had one server and moved the VM in event of failure/maintenance. He asked about DNS based loadbalancing (also known as GSLB, among other things) software packages Ah. DNS based load balancing. I've heard good things about powerdns for that. - -- Charles N Wyble (char...@knownelement.com) Systems craftsman for the stars http://www.knownelement.com Mobile: 626 539 4344 Office: 310 929 8793 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJNNjK6AAoJEMvvG/TyLEAtT1gQALYOb8mYK8llulRAikXo0Nij nTaBSq8Bj/DnTA85iZpa1MZ0WCQY6ofXnOjvvfUvqM3idFzQC4I5R/gPgPgZrfYg ZKZFuaEIiqT0zMzufzM4rAZk96zH/BkgcXK0M7foS1vLijxWCo06Ba2Srga1Uawo JpZXp2WZILZc1VRCdvxBioU3UHWSdjiDjVZ9p+uMXTDjh/O7VpPNh4LhP0fdfY/P K/WMpTTm8djCyTuzgnx0KXucjp7uqmdy+7LrvROQ67avqcooDzM7P8amw8OI+SyC Y2ipe7iHREenH1Cr9V8bABUn3qJuHwEgQxObu5SS+mZsCH3YpjCsog3j9TWpwNZd 34Jm+/viYCxEYvPM9j2r3ABJPGsQQcjbkE1mGqEKxsWSNIss9wTuqDDofc0JfnN/ GkZpZZLjpxdA7DCV1gioaVVhUNPELg/qSM/3DfVnW1EA24PIyfLOeZcwC9jHS0X/ DjgnjpktoFu1gVIZTKf4jOGEqdbympYabr/NhYRSKrA1uLJUOHAHN47QJonP5CkI YuEPM3uEmmO5/S2C1gKYKa3hHFQpfMcqjSwdGnCrcJ/G+j6PyU/YmTOy+2RMJI6A UKgP1IK7hYeBScPB/qibfkgNeakBjg+WIO3djps7lqxR2QSUzK6qIqQSGeK1euxt GqK3Q9I7rh+tDEtA3t4Y =PTkN -END PGP SIGNATURE-
Re: Software DNS hghi availability and load balancer solution
PowerDNS has an awsome geolocation plugin, and that probably can be tied to a check to see if the IP is up so it's actually checking the status of IPs to make it more automated. Gary gdnsd is very robust and fast and has an interface that a networking engineer won't mind. It comes with a geolocation plugin with health-check failover via HTTP. http://code.google.com/p/gdnsd/ j.
Re: Software DNS hghi availability and load balancer solution
On 01/18/2011 07:42 AM, Sergey Voropaev wrote: Does any one know software sollutions (free is preferable) like as cisco GSS and F5 BIG-IP? The main point is that DNS-server (or dns server plugin) must be able to monitor server availability (for example by TCP connect) and from DNS-reply depends on it. I know that it is possible by BIND with set of script. But we are trying to find more usable solution with frendly interface. Thanks a lot. If you want to get fancy you could try an Anycast DNS setup, using GNU's Zebra tool to automatically alter routing tables. http://www.netlinxinc.com/netlinx-blog/45-dns/118-introduction-to-anycast-dns.html Paul
Re: Software DNS hghi availability and load balancer solution
On Tue, 18 Jan 2011, Charles N Wyble wrote: He asked about DNS based loadbalancing (also known as GSLB, among other things) software packages Ah. DNS based load balancing. I've heard good things about powerdns for that. I assume the good things is that with powerdns and the gmysql backend, it's trivial to have a script do some SQL updates as often as you need to change the content and change_date of the records you're using for the DNS based load balancing. -- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: Software DNS hghi availability and load balancer solution [SEC=UNCLASSIFIED]
0n Tue, Jan 18, 2011 at 02:42:57PM -0500, david raistrick wrote: On Tue, 18 Jan 2011, Rhys Rhaven wrote: Having hit these issues myself, I heavily recommend a real frontend proxy like nginx or varnish. A frontend proxy (nginx, varnish, haproxy, or anything else) doesnt give you HA any more than any other loadbalancer solution does. You need a way to send traffic to another frontend server when the primary frontend server fails, or is overloaded, transparently. freebsd + varnish + carp (http://www.openbsd.org/faq/pf/carp.html) -Alex IMPORTANT: This email remains the property of the Department of Defence and is subject to the jurisdiction of section 70 of the Crimes Act 1914. If you have received this email in error, you are requested to contact the sender and delete the email.
