> From: email builder [mailto:[EMAIL PROTECTED]
> All,
>
> I recognize this is a bit OT, but not sure where to turn...?
>
> I am trying to use DNS to load balance a couple spamd
> servers. I am attempting to return more than one A record
> for spam.mydomain.com, and I am getting a correct dig, but
> just a test telnet is returning "Unknown host".
>
> What am I doing wrong?

If it only lasts 5 minutes (or less) then your previous (before creating the records) would typically be cached by a modern Windows CLIENT. While DNS has long been cached at the server, Microsoft started caching at the client (by default) in Win2000.

> Few more details:
>
> DNS hosted on a separate machine, say dns.mydomain.com.

Separate machines? Do you mean different DNS servers or just separate from the SMTP/spamd machine? If your spam.mydomain.com is not on the same machine as the mydomain.com zone then you would (likely) need to delegate (but that doesn't seem to be your issue.)

> Our SMTP server is where the spamc calls out to spamd, and
> that machine's /etc/resolve has the dns machine's hostname as
> the first nameserver entry. From the SMTP machine, I do "dig
> spam.mydomain.com" and I get my desired results:

You cannot depend on "first DNS" setting on a client -- most DNS clients may try ANY of the ones listed -- Windows clients for instance certainly work this way. A DNS client typically expects EVERY DNS Server to return the SAME answers (although a resolver/OS could be constructed to "keep trying" this is not typical.)

> ;; ANSWER SECTION:
> spam.mydomain.com. 259200 IN A 10.10.10.105
> spam.mydomain.com. 259200 IN A 10.10.10.106
>
> I was pretty excited when I got that far, but then the next
> step - to try to manually connect to one of the spamd daemons
> listening on those 10.
> addresses - failed miserably:
>
> # telnet spam.mydomain.com 2009
> telnet: spam.mydomain.com: Name or service not known
> spam.mydomain.com: Unknown host
> #
>
> (the port number above is what spamd is configured to listen on)

Likely you have more than one DNS server listed on the "telnet client" and the client resolver is using the "wrong" one. You should generally point clients to ONE CONSISTENT (set of) DNS servers which return all the correct answers the client will ever need. If the DNS server (set) doesn't know the answer it must forward or recurse to find it.

> Seems like the DNS server is not the problem, but FWIW, the
> zone file for mydomain.com has these entries:
>
> spam A 10.10.10.105
> spam A 10.10.10.106

--
Herb Martin
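
Added example, not part of the original message or thread: a Python script that sends the same A query to every nameserver listed in /etc/resolv.conf and reports whether they all return the same answer, which is the condition the reply above says a client depends on. It assumes IPv4 nameserver entries answering on UDP port 53; the function names are this example's own.

```python
import socket, struct, sys

def nameservers(text):
    """Nameserver addresses, in listed order, from resolv.conf content."""
    return [p[1] for p in map(str.split, text.splitlines()) if len(p) > 1 and p[0] == "nameserver"]

def build_query(name, qid=0x1234):
    """DNS query for the A records of name (class IN, recursion desired)."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split(".")) + b"\x00"
    return struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack(">HH", 1, 1)

def skip_name(msg, off):
    """Offset just past the (possibly compressed) name that starts at off."""
    while msg[off] != 0 and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] & 0xC0 == 0xC0 else 1)

def parse_a_records(msg):
    """(rcode, sorted tuple of A addresses) from a raw DNS response."""
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4              # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:              # A record
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return flags & 0x000F, tuple(sorted(addrs))

def ask(server, name, timeout=2.0):
    """Query one specific server over UDP; (-1, ()) if no usable reply."""
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(build_query(name), (server, 53))
            return parse_a_records(s.recvfrom(512)[0])
    except (OSError, struct.error, IndexError):
        return (-1, ())

def disagree(answers):  # answers: {server: (rcode, addrs)}
    return len(set(answers.values())) > 1

if __name__ == "__main__":
    with open("/etc/resolv.conf") as f:
        answers = {ns: ask(ns, sys.argv[1]) for ns in nameservers(f.read())}
    print(answers, "INCONSISTENT" if disagree(answers) else "consistent")
```

Run it on the client machine with the hostname as the only argument; an rcode of 3 (NXDOMAIN) from any listed server marks the one giving a different answer from the rest.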