Von: bind-users im Auftrag von Warren Kumari
Gesendet: Freitag, 20. März 2020 18:15
An: bind-users
Betreff: Re: How to get random subset of large rrset (30+ IPs for round robin)?
On Fri, Mar 20, 2020 at 1:04 PM Matus UHLAR - fantomas
wrote:
>
> >On Fri, Mar 20, 2020 at 3:14
ese addresses have to be returned in random order round robin,
>> which is done with:
>> Now I'd like bind to just return a random subset of e.g. 5 IP addresses
>> if someone requests this A record.
On 20.03.20 10:37, Warren Kumari wrote:
>I realize that this is the BIND
It's incredibly hacky, but what about setting different nameservers
with different sets of addresses for the FQDN in question?
--
Fred
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users
> On 21 Mar 2020, at 04:22, Bob Harold wrote:
>
> Do you know why the OS is having a problem? It just occurs to me that the
> problem might be that the result does not fit in a UDP packet, (without
> EDNS?) and the fallback to TCP is not working. Can you try 'dig ...' and
> 'dig +tcp ...'
it only returns a random
subset of all these IPs.
I question if you need "random" or if "round robin" (rotating) would
work. Do they need to be truly random? Or would simply circulating a
(possibly randomized) list suffice?
Has someone an idea on how to achieve the latter?
time
> > >> in research - maybe you guys have an idea:
> > >>
> > >> With bind, I'd need to serve a single A record with 30+ IP
> addresses and
> > >> these addresses have to be returned in random order round robin,
> > >> which i
gt;> With bind, I'd need to serve a single A record with 30+ IP addresses and
> >> these addresses have to be returned in random order round robin,
> >> which is done with:
>
> >> Now I'd like bind to just return a random subset of e.g. 5 IP addresses
> >>
order round robin,
which is done with:
Now I'd like bind to just return a random subset of e.g. 5 IP addresses
if someone requests this A record.
On 20.03.20 10:37, Warren Kumari wrote:
I realize that this is the BIND list, but this sounds like an almost
perfect example of PowerDNS's LUA record
gt; these addresses have to be returned in random order round robin,
> which is done with:
>
> rrset-order { order random; };
>
> and records like:
>
> foo IN A 10.0.0.1
> foo IN A 10.0.0.2
> foo IN A 10...N
>
> Now I'd like bind to just return a ra
ollowing although I invested plenty of time
> in research - maybe you guys have an idea:
>
> With bind, I'd need to serve a single A record with 30+ IP addresses and
> these addresses have to be returned in random order round robin,
> which is done with:
>
> rrset-order {
Hi,
I can't find a way to do the following although I invested plenty of time
in research - maybe you guys have an idea:
With bind, I'd need to serve a single A record with 30+ IP addresses and
these addresses have to be returned in random order round robin,
which is done with:
rrset
> > This sounds a bit like #336 [1],
>
> Nope - we got bit by that when we upgraded
> to 9.12, which is what resulted in the explicit
> config for rrset-order.
>
> > If you can still reproduce this with current
> > master (or with current v9_12 branch), please
> > open a new GitLab issue.
>
>
Hi Michał,
Thanks for the ack.
> This sounds a bit like #336 [1],
Nope - we got bit by that when we upgraded
to 9.12, which is what resulted in the explicit
config for rrset-order.
> If you can still reproduce this with current
> master (or with current v9_12 branch), please
> open a new
> I have a funny issue that looks buggish
> to me. I have an RRSET with two
> A records that our auth DNS servers happily
> round-robin, which can be observed with
>
> dig unix.lt.ucsc.edu @adns1.ucsc.edu
>
> However, our recursive DNS servers, with
> the same rrset-
Hi folks,
I have a funny issue that looks buggish
to me. I have an RRSET with two
A records that our auth DNS servers happily
round-robin, which can be observed with
dig unix.lt.ucsc.edu @adns1.ucsc.edu
However, our recursive DNS servers, with
the same rrset-order config will not round-robin
Perfect !
thanks.
--
Sent from: http://bind-users-forum.2342410.n4.nabble.com/
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
You can use BIND's RRSET Order for this,
http://www.zytrax.com/books/dns/ch7/queries.html#rrset-order
On Wed, Jan 24, 2018 at 4:37 PM, gsi wrote:
> Hello,
>
> I have 2 A records like this :
> wwwA10.1.1.1
> wwwA10.1.1.2
>
> When I request www,
Hello,
I have 2 A records like this :
wwwA10.1.1.1
wwwA10.1.1.2
When I request www, I got random answers (10.1.1.1 or 10.1.1.2)
If I use the sortlist option, I always got the same answer.
My question : how can I have cyclic answers :
request www -->
ISP public forwarders. fast, redundant, privacy-challenged
(Google, OpenDNS, ATT, etc).
Reading the Arm chatting in #irc IIUC 'forwarders' are NOT queried in order
listed, and there's no option to set priority, failover, round-robin etc.
I'm requesting such a feature.
For example,
Forwaders
-users-boun...@lists.isc.org] On Behalf Of Int
Sent: Wednesday, August 26, 2015 5:41 PM
To: bind-users@lists.isc.org
Cc: n...@eml.cc
Subject: DNS connection refused : round-robin pools
Importance: High
I do not have access to Internet in my case, only have access to a national
VPN, As I can disable
, redundant, privacy-challenged
(Google, OpenDNS, ATT, etc).
Reading the Arm chatting in #irc IIUC 'forwarders' are NOT queried in order
listed, and there's no option to set priority, failover, round-robin etc.
I'm requesting such a feature.
For example,
Forwaders would be queried in order
Hi
On Mon, Aug 24, 2015, at 11:10 AM, Darcy Kevin (FCA) wrote:
Forwarders are selected based on an RTT(round-trip-time)-based algorithm
There's an invalid presumption there -- that 'fastest' == 'most desired /
highest priority'. Regardless of any specific case, the requested feature
Am 24.08.2015 um 20:19 schrieb n...@eml.cc:
On Mon, Aug 24, 2015, at 11:10 AM, Darcy Kevin (FCA) wrote:
Forwarders are selected based on an RTT(round-trip-time)-based algorithm
There's an invalid presumption there -- that 'fastest' == 'most desired /
highest priority'. Regardless of
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of n...@eml.cc
Sent: Monday, August 24, 2015 1:49 PM
To: bind-users@lists.isc.org
Subject: BIND9 Feature Request: 'fowarders' priority round-robin pools
I run bind 9.10.2-P3.
I
, August 24, 2015 2:19 PM
To: Darcy Kevin (FCA); bind-users@lists.isc.org
Subject: Re: BIND9 Feature Request: 'fowarders' priority round-robin pools
Hi
On Mon, Aug 24, 2015, at 11:10 AM, Darcy Kevin (FCA) wrote:
Forwarders are selected based on an RTT(round-trip-time)-based algorithm
There's
On Mon, Aug 24, 2015, at 11:56 AM, Darcy Kevin (FCA) wrote:
So, if your link is saturated to the point that you can't hold up a VPN
connection reliably, you fall back to an less-secure method of resolution?
No.
Non-deterministic security, what a concept!
Didn't take long for you to resort
On 8/24/15 3:09 PM, n...@eml.cc wrote:
On Mon, Aug 24, 2015, at 11:56 AM, Darcy Kevin (FCA) wrote:
So, if your link is saturated to the point that you can't hold up a VPN
connection reliably, you fall back to an less-secure method of resolution?
No.
Actually, yes. That's pretty much
Am 24.08.2015 um 21:09 schrieb n...@eml.cc:
On Mon, Aug 24, 2015, at 11:56 AM, Darcy Kevin (FCA) wrote:
So, if your link is saturated to the point that you can't hold up a VPN
connection reliably, you fall back to an less-secure method of resolution?
No.
YES but you maybe don't realize
Somehow all that ^ puffery translates into NOT wanting to allow the user to
prioritize the use of forwarders the way they want?
Um, ok ...
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users
: BIND9 Feature Request: 'fowarders' priority round-robin pools
Somehow all that ^ puffery translates into NOT wanting to allow the user to
prioritize the use of forwarders the way they want?
Um, ok ...
___
Please visit https://lists.isc.org/mailman
On 8/24/15 3:21 PM, n...@eml.cc wrote:
Somehow all that ^ puffery translates into NOT wanting to allow the
user to prioritize the use of forwarders the way they want?
You are trying to use forwarders in a way that they are not intended,
and is not a good idea. That is the translation of all of
-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.o
rg] On Behalf Of n...@eml.cc
Sent: Monday, August 24, 2015 3:21 PM
To: bind-users@lists.isc.org
Subject: Re: BIND9 Feature Request: 'fowarders' priority round-robin pools
Somehow all that ^ puffery translates into NOT wanting
Folks,
Our normal procedure when changing the IP address of a TLD name
server is to get the new server responding properly and then update the glue
records with the Registrar to reflect the new address, normally 1-2 days apart
for two nameservers. We monitor query traffic on
On Mon, Aug 17, 2015 at 9:34 AM, MURTARI, JOHN jm5...@att.com wrote:
Folks,
Our normal procedure when changing the IP address of a TLD
name server is to get the new server responding properly and then update
the glue records with the Registrar to reflect the new address,
slow down the traffic
to that DNS.
And a followup question, is there a simple configuration change I can do to
tell bind to ignore srtt values and simply round-robin across a list of DNS
that I provide?
Thank you in advance for your help.
Cheers,
Stephen Wood
Hi,
Ive got a problem getting weighted round robin dns to work. What I need is
ip adress 1 getting twice the hits of ip address 2, however making multiple
entries of ip address 1 in my zonefile (according to
https://lists.isc.org/mailman/htdig/bind-users/2007-April/066196.html ) does
not seem
That doesn't work with recent versions. BIND discards the duplicates.
-Ben Croswell
On Jul 16, 2011 4:28 PM, d...@cornholio.nl wrote:
Hi,
I’ve got a problem getting weighted round robin dns to work. What I need
is
ip adress 1 getting twice the hits of ip address 2, however making
multiple
On 07/16/2011 13:10, d...@cornholio.nl wrote:
I’ve got a problem getting weighted round robin dns to work. What I need is
ip adress 1 getting twice the hits of ip address 2,
As you were told that's not going to work. What you could do is add an
additional IP address as an alias on the interface
Is there a way to make BIND respond DNS query in sequence?
Someone else can probably give a more authoritative answer. My
understanding is that BIND will rotate the answers it gives out when
there's more than one similar record in a rrset. And yes, this can help
spread the load a bit.
Whether
-robin+sortlist
Option B: views
Appropriate caveats for each approach.
Note that if these are Windows clients on the same subnets as the
www.example.com addresses, you could probably just get away with a plain
old round-robin and rely on the built-in Windows subnet
prioritization, see
http
Hi everyone...
I am rather new to the world of DNS so I¹m hoping to get some of your
expertise...
Is there a way to make BIND respond DNS query in sequence? For example, if
I assign 2 IP addresses to an A record, is it possible to have it respond
like...
Client 1 for www.example.com -
Anybody can help to explain the side effect of configuring the DNS name
to
multiple IP addresses(Round Robin DNS).
If you're planning to use it for load sharing, then the effect is very
basic - requests get shared equally among the addresses irrespective of
load on the target system
On Wed, Sep 09, 2009 at 05:47:34PM +0100, Sam Wilson wrote:
In article mailman.450.1252511223.14796.bind-us...@lists.isc.org,
Balanagaraju Munukutla 9ba...@sg.ibm.com wrote:
Hi
Anybody can help to explain the side effect of configuring the DNS name to
multiple IP addresses(Round Robin
I've found the confirmation I was looking for in RFC 2181
section 10.2.
Does this seem to confirm that round-robin PTR's are perfectly legal?
yes, they are perfectly legal. However I don't know about any application
that would require nor benefit of them, and I don't recommend using them
:02, Bryan Irvine wrote:
I've think I've found the confirmation I was looking for in RFC 2181
section 10.2.
Does this seem to confirm that round-robin PTR's are perfectly legal?
yes, they are perfectly legal. However I don't know about any application
that would require nor benefit
there a valid reason for rr rDNS?
Once upon a time, BIND specifically *disabled* round-robin behavior for
non-address (A/) record types. PTR RRsets, among other types, were
always given in a fixed order.
But, I just tried a quick test, and it appears that round-robin has been
re
On Mon, Jul 6, 2009 at 4:08 PM, Kevin Darcyk...@chrysler.com wrote:
Bryan Irvine wrote:
Other than to really annoy me; is there a valid reason for rr rDNS?
Once upon a time, BIND specifically *disabled* round-robin behavior for
non-address (A/) record types. PTR RRsets, among other
specifically *disabled* round-robin behavior for
non-address (A/) record types. PTR RRsets, among other types, were
always given in a fixed order.
But, I just tried a quick test, and it appears that round-robin has been
re-enabled for PTRs. Accident? I have no idea why anyone would want
Other than to really annoy me; is there a valid reason for rr rDNS?
-Bryan
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Bryan Irvine wrote:
Other than to really annoy me; is there a valid reason for rr rDNS?
Once upon a time, BIND specifically *disabled* round-robin behavior for
non-address (A/) record types. PTR RRsets, among other types, were
always given in a fixed order.
But, I just tried a quick
In message 96c8e9660904071112p557840a4kfd85120d7c275...@mail.gmail.com,
Mallappa Pallakke
writes:
Hi Mark/Kevin,
I did the changes you suggested and it worked fine.
Thanks a lot for all your help.
Regarding round-robin load sharing instead of random, I have
planned
* Mallappa Pallakke:
Can anybody tell me why this limitation and is there any sollution to
resove this problem?
Does your dig call result in two lookups behind the scenes, perhaps?
___
bind-users mailing list
bind-users@lists.isc.org
Hi,
I tried with 9.5.1.P2, but still I am not getting the expected round
robin results:
Please see below my named.conf and zone file:
named.conf:
=
options {
directory /var/named;
// Uncommenting this might help if you have to go through a
// firewall and things
In message 96c8e9660904061734t61414549o22a535e681f58...@mail.gmail.com,
Mallappa Pallakke
writes:
Hi,
I tried with 9.5.1.P2, but still I am not getting the expected round
robin results:
Please see below my named.conf and zone file:
named.conf:
=
options
Hi Mark,
I do not see any additional section in the response. Can you please
tell me what exactly you are asking me to change?
I selected cyclic instead of random since I want my client requests
to go to servers in exactly round-robin order. Please tell is there
anything wrong
Dustin Lovell wrote:
Certain browsers hitting our web application don't like having two A-records handed to them (I'm still in the process of figuring out why),
Yeah, you really need to dig into that further, since we have *hundreds*
of multi-A-record names, and we've never run into any
Greetings all. Is it possible to set up BIND in such a way that if there are
multiple A-records for a specific host, instead of returning all of them in
response to a request and only changing the order with every second request,
the server only returns one A-record, and varies that A-record
In article [EMAIL PROTECTED],
Dustin Lovell [EMAIL PROTECTED] wrote:
Certain browsers hitting our web application don't like having two A-records
handed to them (I'm still in the process of figuring out why), and much
prefer the first example above.
Really? So these browsers can't access
58 matches
Mail list logo