[dns-operations] Sporadic but noticable SERVFAILs in specific dual stack nodes in an anycast resolving farm
kzorba at otenet.gr
Wed Mar 5 19:26:17 UTC 2014
Jeroen Massar <jeroen at massar.ch> writes:
> On 2014-03-05 14:45 , Kostas Zorbadelos wrote:
>> The situation is described here:
> From that post:
>>> The main difference in the 3 machines from the rest is the IPv6
>>> operation. Those machines are dual stack, having /30 (v4) and /127
>>> (v6) on the physical interface.
> As your queries are going outbound over IPv6 while the other boxes do
> not, have IPv6, that is a big difference of course.
> How exactly did you configure that /127 on the interface, you are aware
> of this concept called subnet-router anycast address I hope?
> As that could cause packets not to be able to exit once in a while in
> miraculous ways...
> Next to that see:
> though some people disagree and thus there is now:
> and thus:
Actually, the /127 issue came up in internal discussions with colleagues.
We've been using /127 on our inter-router links, as per rfc6164, but
we're not sure how does the linux (kernel) support that (and especially
the CentOS 2.6.32-whatever).
As an extra step, we will reconfigure a link to use /64 on one of
the servers and will share the results.
> Additionally, you might want to monitor address/route add/removals with
> the 'ip mon' tool.
More information about the dns-operations