On Nov 6, 2024, at 12:18, Mark Andrews <ma...@isc.org> wrote: > > Round robin results in unbalanced traffic when one or more of the addresses > is unreachable. It is not recommended.
This reminds me of another situation … we had a load balancer that would ping machines behind it, if they were up, they were included. The trouble was that when BIND 8 was running (single-threaded code), the machine would answer to pings but not respond (in a timely manner) to port 53 requests if BIND was doing a zone transfer (i.e., then a fairly long-lived operation). This isn’t quite the same situation as described in the draft, but the moral of the tale is that one really ought to be doing application-level/specific testing of servers to balance the load, relying on anything else risks breakage. Perhaps recommend that when an answer involves a multi-record set apply some (predictable) shuffling but otherwise not expect too much. The “auth server” can’t control enough of the environment to be in position to dictate what the eventual receiver will do. An aside, when I see “addresses…unreachable” I’m reminded that reachability is not transitive, A->B might work and A->C might work, but B->C might not. It’s hard for a third party to know if a client would be able reach a server. _______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
