RE: libbind 6.0
I haven't seen any answer on list, so I am resending in case it got lost in "late Friday afternoon" mail queue. Thank you: I have been using libbind(6.0) to do dynamic updates via res_mkupdate() libbind is not currently under development. Is there are replacement in bind9 that I should move to? I see the LWRES but that does not appear to have any update support. Thank you -- Jack Tavares ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: libbind 6.0
In message <6134bb3286a31d4db61e57114e8ba7c09152e...@seaembx01.olympus.f5net.co m>, Jack Tavares writes: > I haven't seen any answer on list, so I am resending in case > it got lost in "late Friday afternoon" mail queue. > > Thank you: > > > I have been using libbind(6.0) to do dynamic updates via > res_mkupdate() > > libbind is not currently under development. > > Is there are replacement in bind9 that I should move to? > > I see the LWRES but that does not appear to have any update support. Libdns can be used to construct UPDATE (or any other concievable) message. It can also be use to send the request or you can manage that seperately. bin/nsupdate/nsupdate.c uses libdns to do this. Yes, I know libdns documentation is sorry lacking. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Slaving from DNS masters behind LVS
Dear Folks, We have a pair of DNS servers running BIND behind a direct routing LVS director pair running keepalived. Let's call these two DNS servers A and B, and the VIP V. They slave from a hidden master; let's call it M. I want to allow another machine S to slave from A and B, the pair of DNS servers that are behind LVS. Another machine F will forward to the DNS servers behind the load balancer, A and B. [There is another similar setup at another location, so there will be a V1 and V2, A1, A2, B1, B2; all of A1, A2, B1, B2 slave from M.] 1. Should the machine in the SOA be V, or A or B? 2. Should the NS records for the zones be A, B and V, or just V? 3, Should S slave from A and B, or should it slave from V? 4. Should F forward to V, or to both A and B? -- Nick Urbanik http://nicku.org 808-71011 nick.urba...@optusnet.com.au GPG: 7FFA CDC7 5A77 0558 DC7A 790A 16DF EC5B BB9D 2C24 ID: BB9D2C24 I disclaim, therefore I am. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Slaving from DNS masters behind LVS
Note: Removing cross-post, but feel free to forward.
-Original Message-
From: Nick Urbanik
Date: Tuesday, February 12, 2013 10:00 PM
To: "keepalived-de...@lists.sourceforge.net"
, "bind-users@lists.isc.org"
Subject: Slaving from DNS masters behind LVS
>Dear Folks,
>
>We have a pair of DNS servers running BIND behind a direct routing LVS
>director pair running keepalived. Let's call these two DNS servers A
>and B, and the VIP V.
We run a similar setup, so I'm looking forward to hearing the community's
answers. My views below.
>They slave from a hidden master; let's call it M.
>
>I want to allow another machine S to slave from A and B, the pair of
>DNS servers that are behind LVS.
>
>Another machine F will forward to the DNS servers behind the load
>balancer, A and B.
>
>[There is another similar setup at another location, so there will
>be a V1 and V2, A1, A2, B1, B2; all of A1, A2, B1, B2 slave from M.]
>
>1. Should the machine in the SOA be V, or A or B?
I would use V.
Some will argue M if you are doing things like DDNS with DHCP...though
that's not clear here. Even if you are, it should not require using M
with the right configuration. I never publish my hidden master name in
public records.
>2. Should the NS records for the zones be A, B and V, or just V?
I think it depends on what you are trying to accomplish.
>From a Murhpy's Law perspective, where the VIP could go down (or need to
be taken down for maintenance), if the real servers are reachable by
clients in this case...listing A and B would be useful.
However you might accomplish the same thing with multiple VIPs hosted on
separate LVS clusters pointing to different sets of real servers, where
you only list V, V', etc. This is similar to what we do.
If you really don't want any queries directed to the real servers
themselves (or network topology prevents this), then you would only list V.
>3, Should S slave from A and B, or should it slave from V?
Either way you achieve the primary goal of HA, via VIP or masters {}. If
you use the VIP, you need to consider how much you care about the VIP
going down (maybe you don't if your expire time is high). If you use
masters, you need to consider how often you add new servers and require
updates to your configuration.
>4. Should F forward to V, or to both A and B?
I would actually setup a couple VIPs in cases like this, and use those as
my forwarders, resolv.conf entries, etc. If a DNS resolver tries a given
VIP, which gets a timeout from one real server, odd things might happen if
the client can't fail-over to a second VIP (it's retry logic will be tied
to the VIP address irrespective of # real servers). Edge case for sure,
but something to consider when load balancing DNS.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
