[Freeipa-users] routing requests to local servers - DNS SRV + view?
Brian Cook
bcook at redhat.com
Sat Apr 14 03:00:29 UTC 2012
Yes, this is exactly what I am trying to accomplish. I've already been looking in to the BIND views clause and would like to hear if anyone has any feedback as to how well this works in the real world.
In this case the implementation of IPA is using an external standard BIND implementation loading from text files. However, views would be very useful for IPA to be able to do internally, so figuring out how to get this option in to BIND using 389ds backend would be a useful step.
Thanks,
Brian
---
Brian Cook
Solutions Architect, Red Hat, Inc.
407-212-7079
On Apr 13, 2012, at 2:41 PM, Petr Spacek wrote:
> On 04/13/2012 10:28 PM, Jakub Hrozek wrote:
>> On Fri, Apr 13, 2012 at 01:04:55PM -0700, Brian Cook wrote:
>>> Ideally I would rely on a -group- of servers, and then rely on DNS if it
>>> is down. I don't want to hammer one server. We're talking about 500-1000
>>> servers running virtual machines, so potentially a lot of traffic. Got
>>> any suggestions for that?
>>
>> Hello Brian,
>>
>> I'm not sure I understand what you are trying to achieve. Are you trying
>> to spread the client load among replicas? If so, then I think the SRV
>> records in DNS are really the best answer. You can organize the servers
>> in "tiers" by using the priority field and then spread the load in a
>> tier by using the "weight" field.
>
> Greetings,
>
> if I understand correctly, you need to set different priority for SRV records and this new priority has to be dependent on client's IP address.
>
> AFAIK only way how to accomplish this is BIND "view" clause. You have to:
> - create copy of original zone for each location and modify SRV record priorities
> - then you have to set "views" and create mapping between IP address <-> new zone
>
>
> This way requires multiple copies of original zone, each with little differences.
> In case of classical zone files is not a big problem: You can keep SRV records separated in small files and "$INCLUDE" normal records to them from single place.
>
> In cases with LDAP database it's a much harder, because there is no simple $INCLUDE clause, I think.
> We have to consult this problem with 389 guys ... It can be task for some kind of directory server plugin.
>
>
> Some examples and documentation:
> http://wiki.sipfoundry.org/display/sipXecs/Location+based+DNS+views+for+sipXecs+using+BIND
> (It belongs to some SIP solution, but it's exactly what you want.)
>
> http://www.zytrax.com/books/dns/ch7/view.html
>
> http://ftp.isc.org/isc/bind9/cur/9.7/doc/arm/Bv9ARM.ch06.html#view_statement_grammar
>
>
> I'm adding BIND maintainer to this discussion.
>
> Petr^2 Spacek
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120413/94da036e/attachment.htm>
More information about the Freeipa-users
mailing list