I may be completely misunderstanding your question, but why not simply do Anycast / ECMP?
Each DNS server has the same IP address (usually bound to the loopback interface), and runs a (very simple) health-check script. If the health-check passes the host injects a /32 route into the IGP (or a private-AS BGP instance). Your router already does ECMP, Anycast is already a really well known / understood technology - you are simply building an anycast network with all nodes behind the same device. Any "load balancer" will simply be an additional widget (and so point of failure / state location / dos opportunity) between the router and servers. W On Wed, Sep 14, 2016 at 2:30 PM, Frank Pikelner <frank.pikel...@netcraftcommunications.com> wrote: > Hello Bert, > > This is the first I've heard of DNSDIST. I'll need to read more about it, but > wanted to ask whether upon receiving the query, does DNSDIST act as a bridge > for the complete request/response, or simply redirects the traffic with the > response bypassing DNSDIST? > > THanks, > > Frank > > ----- Original Message ----- > From: "bert hubert" <bert.hub...@netherlabs.nl> > To: "Job" <j...@colliniconsulting.it> > Cc: bind-users@lists.isc.org > Sent: Wednesday, 14 September, 2016 13:43:59 > Subject: Re: Load balancer for Bind > > On Wed, Sep 14, 2016 at 06:17:13PM +0200, Job wrote: >> which is the best load balancer for two or more Bind DNS Server, located in >> the same farm? >> I read something about HAProxy but it does not manage udp connection and the >> interesting security proxy/balancer DnsDist does not pass original client ip >> for Bind-DLZ... > > Hi Francesco, > > dnsdist can transfer the original IP over EDNS Client Subnet (ECS). > http://dnsdist.org/README/ has how this works. > > I don't know if BIND can make use of the original IP address though. > PowerDNS geoipbackend can in any case. BIND is also an excellent choice. > > Good luck! > > Bert (one of the dnsdist authors) > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
