Date: Mon, 30 Apr 2001 21:54:58 -0700
From: "Ted Mittelstaedt" <tedm@toybox.placo.com>
To: <gerti-freebsdq@bitart.com>, "Ken Bolingbroke" <hacker@bolingbroke.com>
Cc: <questions@FreeBSD.ORG>
Subject: RE: Redundant Internet connections [partial solution, commentsrequested]
Message-ID: <000601c0d1fa$df3e38c0$1401a8c0@tedm.placo.com>
In-Reply-To: <20010430213721.1592.qmail@camelot.bitart.com>
>-----Original Message-----
>From: owner-freebsd-questions@FreeBSD.ORG
>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Gerd Knops
>Sent: Monday, April 30, 2001 2:37 PM
>To: Ken Bolingbroke
>Cc: questions@FreeBSD.ORG
>Subject: Re: Redundant Internet connections [partial solution,
>commentsrequested]
>
>
>Networking experts: Not being a networking expert myself, I would love
>some feedback on the concepts outlined below. Maybe this can be
>improved upon.
>

I don't think so, but I'm glad you spelled it out because I wasn't
looking forward to spending the time to outline a hack as ugly as this.
It's a pretty horrible one but I'm sure that with enough work this can
be adapted and like I've said it's the only option without your own AS
number if you must involve multiple ISPs.

I hope for your sake that your ISP is one of the ones that starts
offering service over Cable once they start allowing it, then you can
get rid of all this and run a real routing protocol.

[big ugly hack deleted]

>
>It might be interesting to look into a patch for bind (or maybe
>djbdns) so that one could force the order in which addresses are
>returned.
>

I'll "address" this since this is one of these "not getting the DNS
concept clearly" problems.

>I also thought about using different instances of bind for the 2
>networks, one bound to a.a.a.s returning addresses in the a.a.a
>network, and one bound to b.b.b.s returning addresses in the b.b.b
>network. However the order in which name servers are looked up is not
>determined, so you still could not direct 'default' traffic to the
>a.a.a network. Also it is generally expected that primary and secondary
>name servers return identical information, breaking this might have
>unexpected side effects.
>
>With all its complexity, it is surprising that bind doesn't offer
>better tools to handle that kind of setup.
>

It's not surprising at all and there's an extremely simple answer -
you're making the wrong assumption that EVERY resolver out there on the
Internet which is querying your DNS is actually contacting your DNS
server directly.

In the truth of things, most resolvers contact their own DNS servers
which in turn fetch the data from you. At that time successive queries
for your IP numbers are satisfied out of those remote nameserver
caches. As your site gets used more and more those DNS servers start
satisfying requests for your IP numbers out of each other's caches and
querying your server less and less.

Now, you can guarantee the order that your own nameserver hands out IP
numbers but once other nameservers cache those names and IP numbers
they can do as they please with them, thus there's no way to guarantee
that a particular order will be maintained once the response to the
query leaves your server.

Ted Mittelstaedt                      tedm@toybox.placo.com
Author of:          The FreeBSD Corporate Networker's Guide
Book website:         http://www.freebsd-corp-net-guide.com
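
The caching behaviour described in the reply above, as an added illustration that is not part of the original message: a toy Python model of one authoritative server that always lists the preferred address first and one caching resolver in front of it. The class names, the host name, the TTL, the documentation-range addresses and the cache's rotate-on-every-answer policy are all assumptions made for the example.

```python
from collections import Counter

# Constructed sample data: documentation-range addresses standing in for the
# a.a.a (preferred) and b.b.b (backup) networks discussed in the thread.
PREFERRED = "192.0.2.10"
BACKUP = "198.51.100.10"


class Authoritative:
    """Hypothetical authoritative server: always answers preferred-first."""

    def __init__(self, ttl=300):
        self.ttl = ttl
        self.queries = 0  # how often a cache actually had to ask us

    def query(self, name):
        self.queries += 1
        return [PREFERRED, BACKUP], self.ttl


class CachingResolver:
    """Hypothetical recursive cache: keeps an RRset until its TTL expires and
    rotates it after every answer (one ordering policy a cache may apply)."""

    def __init__(self, upstream):
        self.upstream = upstream
        self.cache = {}  # name -> (expiry_time, records)

    def resolve(self, name, now):
        entry = self.cache.get(name)
        if entry is None or now >= entry[0]:
            records, ttl = self.upstream.query(name)  # cache miss or expired
            entry = (now + ttl, list(records))
        expiry, records = entry
        # Store a rotated copy so the next client sees a different first record.
        self.cache[name] = (expiry, records[1:] + records[:1])
        return records


def simulate(clients=100, seconds_between=6):
    """Return (queries seen by the authoritative server, first-address counts)."""
    auth = Authoritative(ttl=300)
    resolver = CachingResolver(auth)
    first = Counter()
    for i in range(clients):
        answer = resolver.resolve("www.example.org", now=i * seconds_between)
        first[answer[0]] += 1
    return auth.queries, first


if __name__ == "__main__":
    print(simulate())
```

With 100 clients spread over ten minutes, the authoritative server is asked only twice, and half of the clients receive the backup address first even though the authoritative answer never changed order.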