[dns-operations] Best practices for Linux/UNIX stub resolver failover
Fr34k
freaknetboy at yahoo.com
Tue Apr 22 20:15:08 UTC 2014
Once upon a time, testing on RHEL 5.7 revealed that "options timeout:1" works. That is, reduces the default time out of 5 seconds between unanswered queries to 1 second between queries, where RHEL will make three attempts.
That is, "options timeout:1" means the stub sends a query three times, 1 second between them, before giving up and sending an error if it does not get a response. Default is 3 tries with 5 seconds between them = 15 seconds before giving up and most applications will bail out long before that. Thus, "options timeout:1" may be a recommendation for most Linux stubs to use.
Additionally, testing revealed that "options rotate" did not result in the round-robin like behavior as I understood it is supposed to provide.
HTH
On Tuesday, April 22, 2014 3:39 PM, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
On Tue, Apr 22, 2014 at 03:04:27PM -0400,
Chuck Anderson <cra at WPI.EDU> wrote
a message of 51 lines which said:
> Because the failover behavior in libc is atrocious--each new or
> existing process has to re-do the failover after timing out, and
> even long-running processes have to call res_init() to re-read
> resolv.conf.
I agree with you. It is not usable in practice.
options timeout:1
in /etc/resolv.conf helps a bit (just a bit)
> It seems that the only sensible way to run a datacenter (or a network
> full of Linux workstations for that matter) is to either:
I agree also.
> We need an independent, system-wide DNS cache, and always point
> resolv.conf to 127.0.0.1 to solve this fundamental design
> problem with how name resolution works on a Linux system.
> Windows has had a default system-wide DNS cache for over a
> decade. It is about time that Linux catches up."
I agree and, by the way, this is also necessary to do DNSSEC
validation in the right place (on the user's machine).
_______________________________________________
dns-operations mailing list
dns-operations at lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
More information about the dns-operations
mailing list