Date: Wed, 16 Jul 2008 21:41:06 -0700 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: Chuck Swiger <cswiger@mac.com> Cc: stable@freebsd.org, Eugene Grosbein <eugen@kuzbass.ru> Subject: Re: named.conf: query-source address Message-ID: <20080717044106.GA53681@eos.sc1.parodius.com> In-Reply-To: <8DFF6DCD-6619-4251-9944-59CED8DF1B19@mac.com> References: <20080716162042.GA27666@svzserv.kemerovo.su> <487E312E.9090307@infracaninophile.co.uk> <20080717035155.GA81536@svzserv.kemerovo.su> <8DFF6DCD-6619-4251-9944-59CED8DF1B19@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jul 16, 2008 at 09:06:33PM -0700, Chuck Swiger wrote: > On Jul 16, 2008, at 8:51 PM, Eugene Grosbein wrote: >> On Wed, Jul 16, 2008 at 06:34:38PM +0100, Matthew Seaman wrote: >>> The 'query-source' options don't have to be specified: the system >>> will just choose some appropriate address according to the state of >>> the routing table. 'query-source' to set the source /IP/ is really >>> only useful in some specific server configurations with several alias >>> addresses any of which could be used. That's pretty rare really. >> >> Isn't this common to have multiple aliases at an interface? >> Sometimes only one of them should be used for all DNS traffic. > > About the only common reason to set up multiple aliases on an interface > is when you're doing something like hosting multiple SSL webservers on a > single box which actually need to have distinct IPs as a consequence. > Other than that, using public IPs for aliases is usually wasteful of IP > address space. YMMV... This is off-topic, but the reason we use public IPs for web hosting (read: standard HTTP) is so we can rate-limit the network I/O using pf and ALTQ. We tried for many years to use bandwidth-limiting modules such as mod_bw and mod_cband, but the modules are incredibly buggy. (Our most recent experience was with mod_cband, which will literally deadlock the entire webserver during heavy multipart downloads. The Debian folks found the same problem, and it was ultimately removed from their package repo.) -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080717044106.GA53681>