[Dnsmasq-discuss] Is there an "all-servers" parameter for downstream servers?
Alberto Cuesta-Canada
alberto.cuesta at excelian.com
Mon Apr 26 17:32:32 BST 2010
Hi Simon,
I assume that your choice of 2) is because flooding servers downstream is safer than flooding servers upstream, and I agree with that. There would be another option which would be creating a new parameter (--all-downstream-servers) to activate the behaviour, although I understand that it could require more code to be developed and tested.
I'm happy with any route you decide to take. Would you have an estimation on how long would it take to add and release this functionality? No pressure at all, of course, I'll plan around it.
Kind regards,
Alberto Cuesta-Canada
GaaS Team Lead
Excelian Ltd.
+44 (0) 7942633361
________________________________
From: Simon Kelley [mailto:simon at thekelleys.org.uk]
Sent: Mon 26/04/2010 16:50
To: Alberto Cuesta-Canada
Cc: dnsmasq-discuss at lists.thekelleys.org.uk
Subject: Re: [Dnsmasq-discuss] Is there an "all-servers" parameter for downstream servers?
Alberto Cuesta-Canada wrote:
> Hi all,
>
> Is there an "all-servers" parameter for downstream servers?
There is an --all-servers configuration, but it only applies to upstream
servers which don't have a domain. This is an oversight: I don't think a
system which has more than one server for particular domains was
envisaged. This flag is not linked to a particular set of servers, so
setting it would cause the "all servers" behaviour to apply to the
"domainless" servers too. This isn't necessarily good.
As you noticed, the behaviour of servers-with-domains is different to
domainless servers. dnsmasq remembers which domainless server it used
last and continues to use that whilst is can, for domains-with-servers,
it always starts with the same server.
I can see three possible solutions.
1) Make --all-servers apply to servers-with-domains as well as
domainless ones.
2) Provide all-servers behaviour for servers-with-domains automatically
without having to set --all-servers.
3) Provide the complete remember-last-server for functionality for
servers-with-domains.
I think I prefer 2)
Simon.
>
> I have a configuration with three DNS domains, each one served by two
> dnsmasq servers (complete description at the end).
>
> I'm trying to set up a redundant structure, with cron jobs that ensure
> that both DNS servers for each domain are identical, so if one fails,
> the other will serve the requests. All the machines under my control
> repeat the query in rapid sucession if it doesn't come immediately
> answered, and the DNS servers seem to understand that so the behaviour
> is that any query from a machine in my domain reaches all dns servers in
> the network and it is always answered, regardless of which machines are
> down. For the size of my systems this is fine, it doesn't matter if it
> is unefficient.
>
> The problem I have is that the corporate servers don't work that way. We
> have three of them, and when a machine outside my domains makes a query,
> all of them are queried and route to one of my main
> servers. Unfortunately they always ask to the first one, and never
> repeat the query. The round-robin protocol seems to reset for each
> query, so my main servers only ask the primary servers downstream, fail,
> and the corporate servers return (and cache) a failure, thus rendering
> my failover structure useless for other domains.
>
> This could be solved modifying the configuration on the corporate server
> (politics!), or instructing the my main dns servers to always route
> queries to all servers downstream, and to serve the first result coming
> up. It's the same as using "all-servers", but downstream.
>
> Here is a small diagram (use monospace to see it):
>
> CORPORATE 172.30.0.1 (corporate.local)
> 172.30.0.2
> 172.30.1.1
> ||
> || *.mydomain.local
> ||
> MAIN 192.168.0.250 (main.mydomain.local)
> 192.168.0.251
> || ||
> sub1.mydomain.local || || sub2.mydomain.local
> || ||
> SUB1 192.168.1.250 192.168.2.250 SUB2
> 192.168.1.251 192.168.2.251
>
> server=/sub1.mydomain.local/192.168.1.250
> server=/sub1.mydomain.local/192.168.1.251
> server=/sub2.mydomain.local/192.168.2.250
> server=/sub2.mydomain.local/192.168.2.251
>
> Many thanks,
>
> *Alberto Cuesta-Canada*
> GaaS Team Lead
> Excelian Ltd.
> +44 (0) 7942633361
>
> The information contained in this email and any attached files are
> confidential and intended solely for the addressee(s). The email may be
> legally privileged or prohibited from disclosure and unauthorised use.
> If you are not the named addressee you may not use, copy, or disclose
> this information to any other person. If you received this message in
> error please notify the sender immediately and delete it from your system.
>
> Any opinion or views contained in this email message are those of the
> sender, and do not represent those of the Company in any way and
> reliance should not be placed upon its contents. Unless otherwise
> stated, this email message is not intended to be contractually binding.
> Where an Agreement exists between our respective companies and there is
> conflict between the contents of this email message and the Agreement
> then the terms of that Agreement shall prevail.
>
> Excelian
> 50 Featherstone Street
> London
> EC1Y 8RT
> Tel: +44 (0) 20 7336 9595
> Fax: +44 (0) 20 7336 9596
> www.Excelian.com
> _____________________________________________________________________
> This e-mail has been scanned for viruses by MessageLabs. For further
> information visit http://www.messagelabs.com <http://www.messagelabs.com/>
>
> Excelian subscribes to cleaner and greener methods of working. Help take
> responsibility for the environment. Please don't print this email unless
> you absolutely have to.
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
The information contained in this email and any attached files are confidential and intended solely for the addressee(s). The email may be legally privileged or prohibited from disclosure and unauthorised use. If you are not the named addressee you may not use, copy, or disclose this information to any other person. If you received this message in error please notify the sender immediately and delete it from your system.
Any opinion or views contained in this email message are those of the sender, and do not represent those of the Company in any way and reliance should not be placed upon its contents. Unless otherwise stated, this email message is not intended to be contractually binding. Where an Agreement exists between our respective companies and there is conflict between the contents of this email message and the Agreement then the terms of that Agreement shall prevail.
Excelian
50 Featherstone Street
London
EC1Y 8RT
Tel: +44 (0) 20 7336 9595
Fax: +44 (0) 20 7336 9596
www.Excelian.com
_____________________________________________________________________
This e-mail has been scanned for viruses by MessageLabs. For further information visit http://www.messagelabs.com
Excelian subscribes to cleaner and greener methods of working. Help take responsibility for the environment. Please don't print this email unless you absolutely have to.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20100426/19ac7f12/attachment.htm
More information about the Dnsmasq-discuss
mailing list