nanog mailing list archives
Re: DNS Based Load Balancers
From: John Payne <john () sackheads org>
Date: Wed, 5 Jul 2006 07:58:27 -0400
On Jul 5, 2006, at 5:18 AM, Lincoln Dale wrote:
> but it's a perfect example of why GSLB based on DNS ain't perfect.
> What would be a better solution then?
> utopia would be for DNS to be enhanced in some manner such that the 'enduser ip-address' became visible in the DNS request.
> utopia would have NAT devices which actually updated that in-place so an authoritative nameserver always authoritatively _knew_ the public ip-address of where the request was coming from.

That would kill all cacheability of DNS.

Split tunnel VPNs do somewhat break the DNS GSLB model, but I don't think that's as bad as anti-DNS GSLB people claim it is. If you were on a full-tunnel VPN, you would expect to be sent to nocal, right?

This could also be fixed in split tunnel VPNs with a local DNS proxy that only used the DNS cache on the other side of the VPN for the "internal" domains, and your ISP's DNS cache for everything else. That proxy could even be built into your VPN client.

With wide open recursive nameservers getting such bad press lately, I would expect to see client <-> caching nameserver proximity getting a lot closer.
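
The split-tunnel DNS proxy described in the message above, sketched as an added example (not code from the post or from any VPN client): it reads the query name off the wire and sends only names under the internal zones to the resolver behind the VPN. The resolver addresses and zone names are assumed placeholders.

```python
import socket
import struct

# Assumed values for illustration (not from the post): documentation-range
# resolver addresses and placeholder internal zones.
VPN_RESOLVER = ("192.0.2.53", 53)      # DNS cache on the far side of the VPN
ISP_RESOLVER = ("198.51.100.53", 53)   # local ISP's DNS cache
INTERNAL_ZONES = ("corp.example", "internal.example")


def parse_qname(packet: bytes) -> str:
    """Return the lower-cased QNAME of the first question in a DNS query."""
    if len(packet) < 12:
        raise ValueError("short DNS header")
    if struct.unpack("!H", packet[4:6])[0] == 0:
        raise ValueError("no question section")
    labels, pos = [], 12
    while True:
        if pos >= len(packet):
            raise ValueError("truncated QNAME")
        length = packet[pos]
        if length == 0:
            return ".".join(labels).lower()
        if length > 63:  # compression pointer or reserved label type
            raise ValueError("unexpected label type in query name")
        if pos + 1 + length > len(packet):
            raise ValueError("truncated label")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length


def pick_upstream(qname: str):
    """Internal zones go to the VPN resolver, everything else to the ISP's."""
    name = qname.rstrip(".").lower()
    for zone in INTERNAL_ZONES:
        # Match on a label boundary so "notcorp.example" is not treated as internal.
        if name == zone or name.endswith("." + zone):
            return VPN_RESOLVER
    return ISP_RESOLVER


def forward(packet: bytes, timeout: float = 2.0) -> bytes:
    """Relay one UDP query to the chosen upstream and return its answer."""
    upstream = pick_upstream(parse_qname(packet))
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(packet, upstream)
        return s.recvfrom(4096)[0]
```

Because public names go to the ISP's cache, a DNS-based load balancer sees a resolver near the client rather than one behind the VPN, while internal names never leave the tunnel.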