Re: sort list and view

Wed, 20 Jul 2011 10:43:36 -0700 



On 7/20/2011 1:15 AM, AMANI M. BIN SUWAIF wrote:

Hi,


The problem is that fail-over between A records is not standard and 
might/might not work with various SIP clients. On the other hand SRV 
in my opinion has been designed with that in mind, that's why the 
additional complexity with 2 SRV records.



Thanks & Regards,

*Amani*



On 7/20/2011 2:50 AM, Kevin Darcy wrote:

On 7/18/2011 11:42 PM, AMANI MOHAMED BIN SUWAIF wrote:

Hi,

I have the below scenario


_TCP.EXAMPLE.COM    IN SRV    10    0    5060    
primary-sbg.example.com
_TCP.EXAMPLE.COM    IN SRV    20    0    5060    
secondary-sbg.example.com


I have 2 IP ranges and 2 SBGs host, my intention is

for client in IP range1
primary-sbg      IN    A    1.1.1.1
secondary-sbg    IN    A    2.2.2.2

for client in IP range2
primary-sbg      IN    A    2.2.2.2
secondary-sbg    IN    A    1.1.1.1

can this be achieved without using a views?

I thought this can be solved just by a sortlist, where
primary-sbg    IN    A    1.1.1.1
primary-sbg    IN    A    2.2.2.2
secondary-sbg    IN    A    2.2.2.2
secondary-sbg    IN    A    1.1.1.1


and then introduce the sortlist, which sorts the position of IP 
addresses based on the IP range client comes from?

something like,

sortlist {
    {
     IPRANGE1;  // 1st client IP selection matches any of these
     {1.1.1.1;   // return any of these response IPs as 1st preference
     };
    {
     IPRANGE2;  // 1st client IP selection matches any of these
     {2.2.2.2;   // return any of these response IPs as 1st preference
     };
};

but in this case,

client from IPRANGE1 receive 1.1.1.1 as a first choice for both 
primary-sbg and secondary-sbg

and

client from IPRANGE2 receive 2.2.2.2 as a first choice for both 
primary-sbg and secondary-sbg

which is not the intention. sortlist doesn't not  consider domain name.

The intention is to have primary SBG for first iprange act as a 
secondary SBG for the second ip range and vice verse and in similar 
manner for multiple IP ranges and SBGs. Problem with views is that 
anytime this setup gets bigger and we will have additional ip ranges 
and additional SBGs, it will require additional views...


(LOC)RANGE    PRIMARY(LOC)   SECONDARY(LOC)
(L1)IPRANGE1  SBG1(L1)       SBG6(L2)
(L1)IPRANGE2  SBG2(L1)       SBG7(L2)
(L1)IPRANGE3  SBG3(L1)       SBG8(L2)
(L1)IPRANGE4  SBG4(L1)       SBG9(L2)
(L1)IPRANGE5  SBG5(L1)       SBG10(L2)

(L2)IPRANGE6  SBG6(L2)       SBG1(L1)
(L2)IPRANGE7  SBG7(L2)       SBG2(L1)
(L2)IPRANGE8  SBG8(L2)       SBG3(L1)
(L2)IPRANGE9  SBG9(L2)       SBG4(L1)
(L2)IPRANGE10 SBG10(L2)      SBG5(L1)


half of the SBGs is in one location (L1) and half in other (L2), 
that's why it is important that for clients from ranges in one 
location, first half of SBGs is preferred, and for other clients 
from second location other half of SBGs is preferred. Client 
configuration should be uniformed (same SRV) regardless the location.

Are you over-engineering this? If the A-record failover by your 
client is fast enough you might only need 1 SRV record, and then 
sortlisting will work fine (subject to the usual caveats: as long as 
you can control the sortlist config of every resolver your clients 
will use, and keep them in sync).




                                                                    
                                                        - Kevin

Well, you could always stand up some virtual IPs on the same servers (or 
possibly NAT it upstream) and then perform some *fancy* sortlisting, e.g.


for clients in IP range1
primary-sbg 1.1.1.1, 2.2.2.3
secondary-sbg 2.2.2.2, 1.1.1.2

for clients in IP range2
primary-sbg 2.2.2.3, 1.1.1.1
secondary-sbg 1.1.1.2, 2.2.2.2


That way range1 clients would always fail over -- via SRV failover or 
A-record failover -- from the 1.1.1.x server to the 2.2.2.x server and 
range2 clients would always fail over from the 2.2.2.x server to the 
1.1.1.x server.



Bear in mind that "view"s, i.e. giving different answers to the same DNS 
query, depending on the client, is not something which is (as far as I'm 
aware) sanctioned by the Internet Standards, but A-record failover was 
specified as far back as RFC 1123 (1989):


"2.3 Applications on Multihomed hosts


When the remote host is multihomed, the name-to-address translation will 
return a list of alternative IP addresses. As specified in Section 
6.1.3.4, this list should be in order of decreasing preference. 
Application protocol implementations SHOULD be prepared to try multiple 
addresses from the list until success is obtained. More specific 
requirements for SMTP are given in Section 5.3.4. "


2.3  Applications on Multihomed hosts

      When the remote host is multihomed, the name-to-address
      translation will return a list of alternative IP addresses.  As
      specified in Section 6.1.3.4, this list should be in order of
      decreasing preference.  Application protocol implementations
      SHOULD be prepared to try multiple addresses from the list until
      success is obtained.  More specific requirements for SMTP are
      given in Section 5.3.4.


So if you're worried about what is "standard" and what isn't, you should 
cast your lot with A-record failover and *not* any "view" trickery.



                                                                      
                                                - Kevin




_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users





















					Reply via email to