nanog mailing list archives

RE: LoadBalancing products: 3DNS / DDirector

From: kevin graham <kgraham () dotnetdotcom org>
Date: Thu, 6 Jul 2000 11:16:19 -0700 (PDT)

I figured.  And also considered the sub-delegation.  Only one problem.  More
often than not the website "" also wants "" pointing
to their service. If you point it all at the 3DNS, that kind of blows the
sub-delegation theory.

Yep. That hoses it.

AND, if you sub-delegate the "" and put an entry in the zone record on your regular DNS server - it can be managed
OK for a few domains, but what about when you have a very large server
farm... [eyes rolling] gads!

Presumably this is for large server farms that server large numbers of
domains. I would guess this is why Akamai is selling their services for
DNS as well as content now.

We should all hammer on Vixie or ISC to get this in BIND anyways.  Wouldn't
that be sweet and save us all $30-40k per device....

This would solve only half the problem -- one of the main advantages of
the 3DNS product (and DDirector, probably) is its integration with its
local load balancing brother.

There's a fair amount of logic you've got to have the node local to the
servers -- at the simplest level, returning a metric based on RTT to the
querying nameserver. However, the 3DNS software on a BIG-IP is also
figures in the current # of connections based on capacity, etc. The tiers
of features would be 1) round-robin with node failure indication 2) metric
based on RTT and 3) 

F5 supposedly is going to put its iQuery protocol on the RFC track,
however I hope it will have a new name by that time to alleviate confusion
with the DNS opcode and to not match /^i[A-Z]/. For ISC to go to the
trouble, there would need to be more support than just F5, but there's the
chicken-and-egg problem of Cisco not wanting to give up their DDirector
sales by allowing the LDirector to seamlessly integrate with F5's product.

Given that they're picking up $30-40k per box to do this, having it
commoditized (either by an ISC implementation of their own protocol, or
supporting a 3rd party protocol) wouldn't seem like a business wise

Perhaps some of the end-user ISPs could shed some light -- how
topologically close are your forwarding nameservers to the end user?


All of this still doesn't answer the underlying problem that any solution
to this problem is going to suck, its just a question of how bad. Given
the opinions on BGP for this application so far, DNS seems the only
feasible place to implement this with the current infrastructure. 

If a forwarding dns server were to include the host on whose behalf it was
asking (...hoping of course that in NAT'ed situation, the name server
would be outside of the NAT) then some _very_ nice things could be done in
regards to monitoring ACK RTT times on the end-node (the local load
balancer) ... Over time, with more hosts, internal prefix lengths could
begin to represent a fairly accurate representation of network topology
(provided proper aging, etc was in place to accomodate re-routed traffic).

Ugh. I guess this is going critically OT.

Current thread: