Hi all,
Thanks a lot for your feedbacks. Really valuable.
I'll discuss with Willy the best approach for the change.
Baptiste
On Mon, Oct 19, 2015 at 11:50 PM, Andrew Hayworth
wrote:
> Hi all -
>
> Just to chime in, we just got bit by this in production. Our
Hi all -
Just to chime in, we just got bit by this in production. Our dns
resolver (unbound) does not follow CNAMES -> A records when you send
an ANY query type. This is by design, so I can't just configure it
differently (and ripping out our DNS resolver is not immediately
feasible).
I
Hi folks,
> Hey guys,
>
> by default, HAProxy tries to resolve server IPs using an ANY query
> type, then fails over to resolve-prefer type, then to "remaining"
> type.
> So ANY -> A -> or ANY -> -> A.
We can't really rely on ANY queries, no. Also see [1], [2].
> Today, 0yvind
> Jan, a fellow HAProxy user, already reported me that ANY query types
> are less and less fashion (for many reasons I'm not going to develop
> here).
>
> Amongs the many way to fix this issue, the one below has my preference:
> A new resolvers section directive (flag in that case) which prevent
>
Hey guys,
by default, HAProxy tries to resolve server IPs using an ANY query
type, then fails over to resolve-prefer type, then to "remaining"
type.
So ANY -> A -> or ANY -> -> A.
In some cases, ANY query type is ignored or response contains no
records, which leads HAProxy to try next
Hey Baptiste,
Using ANY queries for this kind of stuff is considered by most people to
be a bad practice since besides all the things you named it can lead to
incomplete responses. Basically a resolver is allowed to just return
whatever it has in cache when it receives an ANY query instead of
Actually, I just asked one of the powerdns devs, and their
recursor/resolver implementation does actually only return what is in
its cache when answering an ANY query.
On 10/15/2015 4:46 PM, Robin Geuze wrote:
Hey Baptiste,
Using ANY queries for this kind of stuff is considered by most
I second this opinion. Removing ANY altogether would be the best case.
In reality, I think it should use the OS's resolver libraries which
in turn will honor whatever the admin has configured for preference
order at the base OS level.
As a sysadmin, one should reasonably expect that
> I second this opinion. Removing ANY altogether would be the best case.
>
> In reality, I think it should use the OS's resolver libraries which
> in turn will honor whatever the admin has configured for preference
> order at the base OS level.
>
>
> As a sysadmin, one should reasonably expect
9 matches
Mail list logo