On 2023-07-19 12:55, Gerald Galster wrote:
On 19/07/2023 at 19:53, Michael Peddemors wrote:
Real world is a bit different.. DNS Caching.. While DNS Round Robin is good
enough to distribute loads, it isn't a very good method for failover, even with
a very short TTL. Many home routers, still insist on caching results for a
long time, no matter what the TTL says, and of course Windows internal caching
etc..
Should not confuse the issue.. call it a 'poor man's load balancer' if you
will, but it's more of a last line failover, and during the time it takes for DNS
to retry, and find another active node, an AWFUL lot of disgruntled customers
will be calling ;)
Also so interesting to see some resolvers that don't think of using the second
record, if the first one is down..
You're mixing things: DNS and mail client behavior. It is nonsense.
A resolver will serve records. It does not use them and does not care what is
behind the record.
A good client uses the list of (A or AAAA) records to connect to the server and
will iterate on the list if the server behind the record is down.
And DNS caching does its job, nothing less, nothing more, and is out of the picture.
Emmanuel is right. Here's an example to clarify:
$ dig imap.web.de
;; ANSWER SECTION:
imap.web.de. 226 IN A 212.227.17.178
imap.web.de. 226 IN A 212.227.17.162
A dns query for imap.web.de address records (IN A) returns two ip addresses.
A local resolver receives those two ip addresses and usually passes them on
to clients while it may rotate the order, so that some clients will see
212.227.17.178, 212.227.17.162 and others will see 212.227.17.162,
212.227.17.178.
It is possible to get the same order for subsequent requests but on a *global*
scale that roughly equals 50/50 load balancing.
Mail clients then connect to e.g. 212.227.17.178 and try 212.227.17.162 on
connection failure without any further dns involvement. Dns caching (ttl) is
irrelevant in that case.
In theory, that is how it is SUPPOSED to work, in practice (and we have
lots of history where customers ran into this problem when one went
down), I believe that it was Outlook that didn't try an alternative IP
address for a 20 min internal cache for instance, before a requery of
the DNS was done, at which time it again would choose which IP to
connect to. As well, SOME modems would get the two results, and return
only one to the client. And lots of libraries we see, do the DNS query,
get two IP results, but then only use the first one returned, etc..
Not arguing how it is supposed to work, just forewarning those to be
ready when it doesn't work like the manual says.. (Everyone hates phone
calls about email being down).
If you want to be certain, only a true load balancer will fit the bill.
Oh, and another PS.. IF you are going to do round robin, suggest you
make two (2) MX records, and put two IPs in both, and then equal weight
the two MX's.
Keeps a more even load, given those that only prefer the first MX
returned, and those that prefer the last (spammers)
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
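
The two client behaviours argued over in this thread, as an added example that is not part of any of the original messages: a client that uses only the first returned record next to one that walks the whole list on connection failure without a new DNS query. The function names and the 3-second per-address timeout are assumptions made for the illustration.

```python
import socket

def resolve_all(host, port):
    """Every stream address the resolver returns for host, in resolver order."""
    seen, out = set(), []
    for family, socktype, proto, _canon, sockaddr in socket.getaddrinfo(
            host, port, type=socket.SOCK_STREAM):
        if sockaddr not in seen:          # drop duplicates, keep order
            seen.add(sockaddr)
            out.append((family, socktype, proto, sockaddr))
    return out

def _try(candidates, timeout):
    """Connect to candidates in order; return (socket or None, failures)."""
    failures = []
    for family, socktype, proto, sockaddr in candidates:
        sock = socket.socket(family, socktype, proto)
        sock.settimeout(timeout)          # bounds the wait on a silent host
        try:
            sock.connect(sockaddr)
            return sock, failures
        except OSError as exc:
            sock.close()
            failures.append((sockaddr, exc))
    return None, failures

def connect_first_only(candidates, timeout=3.0):
    """Behaviour complained about in the thread: only the first record is used."""
    return _try(candidates[:1], timeout)

def connect_with_failover(candidates, timeout=3.0):
    """Behaviour described as correct: walk the list, no new DNS query."""
    return _try(candidates, timeout)

if __name__ == "__main__":
    # Constructed demo: a closed local port stands in for the dead server,
    # a local listener for the live one (not the web.de addresses above).
    live = socket.socket(); live.bind(("127.0.0.1", 0)); live.listen(1)
    dead = socket.socket(); dead.bind(("127.0.0.1", 0))
    dead_addr = dead.getsockname(); dead.close()
    cands = [(socket.AF_INET, socket.SOCK_STREAM, 0, dead_addr),
             (socket.AF_INET, socket.SOCK_STREAM, 0, live.getsockname())]
    print("first only:", connect_first_only(cands)[0])
    sock, failed = connect_with_failover(cands)
    print("failover  :", sock.getpeername(), "after", len(failed), "failure(s)")
```

Python's own `socket.create_connection()` already iterates over every address `getaddrinfo` returns, so the first-only behaviour appears when code resolves a name itself and keeps a single result.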