Re: SRV RRs support in Internet Explorer?

From: Rémi Després (remi.despres_at_wanadoo.fr)
Date: 02/22/04


Date: Sun, 22 Feb 2004 17:15:59 +0100

I believe you are right in being unsatisfied by my proposal as it was.
It had a remaining dynamic port bias, which it shouldn't have had, and was
as a consequence incomplete concerning the Load Balancing & BackUp problem.

Yet SRV records have a great potential for the LB&BU problem.
They tell explicitly:
   . which host names may normally be used
   . how LB must be tuned up among them (for cases where servers have
     different CPU powers and/or access link bandwidths)
   . which hosts may be used for backup, and if used with which LB
     frequencies.

Using just short TTLs one would still miss differentiation between normal
hosts that are intended for LB and BU ones.
Differentiated LB frequencies would also be missed.

The significant step forward for LB&BU that I see for future versions of IE
and MS DNS Server could then be as follows:
  - MSDNS when it responds with A RRs also provides all SRV records that
    match the same query name (if any).
  - IE exploits SRV records rather than A ones when it receives both.

Looking forward to what you think.

Rémi Després

"William Stacey [MVP]" <staceywREMOVE@mvps.org> wrote in message
news:eQq3JIC9DHA.2392@TK2MSFTNGP11.phx.gbl...
> Thanks for the reply. A lot of points there, so instead of addressing each one, I will take a step back and generalize a bit. There are some fundamental truths we can infer if we limit our thinking (at the moment) to web access from a client to web server and, to keep things simple, also assume ipv4 for this:
> 1) A client service (i.e. browser, etc.) needs to somehow resolve a name to an IP address and port number. The port number could be implicit (i.e. well-known) or explicit.
> 2) At any point in time, a server (i.e. an IP/port endpoint) could fail and the client, if given multiple options, could select another endpoint in the list.
>
> So, before the client browser can connect to an endpoint, it needs to query for some kind of dns RR that will return at least a single IP address and possibly a port number. To LB, that endpoint could be a gateway that does the LBing for many web servers "behind" it, or we need to return more than one IP to the client and let it somehow "pick" one to use via some rules for LB, or the dns server must order the records based on some LB rules. Regardless of which IP address the client picks, that endpoint can fail at any point. So the client also needs to walk the list to pick the next service endpoint to try. So we have most of this already. The client can query for an A record and get back an A record list. SRV records would allow dynamic port bindings, but not solve the LB problem. In either case, we still need some help because any server can fail, and we need to pick another one (if we have another one) and try that one. IE implicitly tries port 80 first because that is the well-known port for http. smtp is 25, etc. You can override this at the browser if you want 8080, for example. So dynamic ports, imo, do not really help us in terms of LB or backup.
>
> What can help us is TTL. If we don't keep the TTL low (i.e. 5-10 secs), we can't effectively LB or backup because NSs cache the records for the TTL time. This can "hide" any kind of LB or round-robin we try to do at the name server as NS ns1 will return the list in the order it got the list or may round-robin its cached list until it needs to refresh. Not sure that other NSs should change the order, as that presumes it "knows" what the owner of the domain name wanted - which would be wrong in most cases. So if we wanted to do this ourselves, how would we do it? We know yahoo.com and google.com and microsoft.com do it somehow, but how? One solution is to have a small LB applet on each web server that posts Stat messages to a dynamic DNS service on our DNS server(s) for the name. This applet collects cpu usage, connections, memory, etc. and posts the message to our server service that changes the DNS records on our NSs based on load or any rules it wants to use. The RRs would then have a small TTL. This assures that clients and other NSs will not keep using the same records in the same order once they time out. The dns server can remove failed servers and give other records higher list order based on load. This can be done with A records. I still don't see how SRV records would help backup or LB. You would still need to do the above. It would, however, give you dynamic ports, but still not sure of the value in that for well-known services like http, etc. Cheers.
>
>
> --
> William Stacey, MVP
>
> "Rémi Després" <remi.despres@wanadoo.fr> wrote in message
> news:u4l$Q#77DHA.2044@TK2MSFTNGP10.phx.gbl...
> > Thanks for your interest in the subject, which I believe is worth it.
> >
> > 1. The two issues of Backup and Load Balancing on one hand, innovative use of dynamic ports on the other hand must IMO be kept completely separate. The second subject may never come up and should better be ignored for the time being (it only happens to be the reason why I started studying details of the DNS).
> >
> > 2. On the contrary, the two issues of backup and LB "must be considered together". If the browser always picks up the first A record first, backup is achieved but not LB (A is generic here, to be understood as A or AAAA or A6). Even this can be defeated if the Name Server itself cycles through different orders of the A RRs of a domain name (some BIND servers may do it, it seems, precisely to achieve LB independently of browser behaviors). If conversely the browser cycles through received A RRs, LB is achieved (only with equal weights); backup becomes impossible, whatever the NS does. In other words, with only A RRs, neither backup nor LB, even in its round robin variant, can be safely achieved.
> >
> > 3. Using a gateway host to do LB, an approach of which I don't know all consequences, doesn't seem to be the simple and clean solution that the Internet needs (and is it IETF approved, as SRV RRs are?)
> >
> > 4. Using the nonexistent domain (ND) response has been based on the following logic:
> > - The goal is to guarantee to Service Providers who want it e2e backup and/or LB.
> > - At least initially, most servers will (quite legitimately) remain reachable by means of A RRs.
> > - Browsers must therefore query for A RRs and exploit returned IP addresses if present.
> > - Without a change in NS behavior the only answer without an IP address to an A query is an error report.
> > - Rcode 3 ("Name Error" in RFC 1035, aka Nonexistent Domain) should guarantee a prompt answer by all NSs if no A RR exists for the queried domain name. (It could be considered that rcode 3 really means Nonexisting Domain "for this type of query".)
> > - Always making a SRV query after receiving an rcode 3 should not be a problem: in the absence of a SRV record a new rcode 3 would be received, this time to be user signalled; if a SRV record is present, e2e backup and LB are achieved with existing standards and existing NSs (setting up the appropriate records in NSs is sufficient, a significant breakthrough IMO).
> >
> > 5. Note: an improved efficiency of the process would be possible in the future if NSs are permitted to answer directly with SRV records to A queries when no A record is available. The above mechanism would still work, with no harm, where needed (in old-fashioned NSs), while in general SRV responses would be obtained immediately.
> >
> >
> > Rémi Després
> >
> > ----------------------
> >
> >
> > "William Stacey" <staceywREMOVE@mvps.org> wrote in message news:
> > u49FB9z7DHA.2416@TK2MSFTNGP10.phx.gbl...
> > > > 1. The first one, general in scope, is being able to define a backup site, and/or mirror sites with load sharing, for a particular resource. For this, using the (clean) DNS-SRV mechanism, seems an obvious idea. It would logically involve just a simple extension of IE whereby if it receives a "nonexistent domain" error code in an answer to an A or AAAA request for domain name xxx.yyy, then it would try the standard SRV request for such a resource, i.e. _HTTP._TCP.xxx.yyy.
> > >
> > > I see what you're saying. However, you can do much of that today. If you have 4 A records for the host name, then IE will try the first, second, etc. The srv record approach does not really help here, 'cause in either case, you still need to fall down to the next host, which IE does today. Also, in the case of http, dynamic ports would probably cause more issues than it fixes. Port 80 is standard for general access. I can't think of a good reason to change that or allow dynamic port changes. If you have 20 web servers, they just listen on 80 - simple. I would not use srv records to get around needing host headers either. Ports are valuable, I would not use them as an alternative to host headers. I don't get the "nonexistent domain" reason. If the name does not exist, then it was not set up for a reason and you don't want another "solution" that somehow "finds" names that don't exist for a reason. If I miss what you're saying, please correct me as this is an interesting idea. I just don't see the exact value from the text at this point. The load balancing, IMO, is the real winner. DNS load balancing is lacking. You can do round robin to get cheap LB, but we all know the issues with that. That said, if you require real LB, you implement a LB gateway/host that does that and/or use a LB dns like akadns does. I don't see how srv records help here.
> > >
> > > > 2. The second objective, more specific, and for a project of my own, involves using the DNS-SRV capability of dynamically indicating which TCP port has to be used on which host.
> > >
> > > Any client app can use SRV records if they need or want. You get to decide how and why to use them.
> > >
> > > Please post back. Cheers.
> > >
> > > --
> > > William Stacey, MVP



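Rémi's summary of what SRV records express (priority for backup, weight for load sharing) and the A-then-SRV fallback debated in the thread, as an added example that is not part of any of the posts above: a Python sketch of the RFC 2782 client-side selection rules (ascending priority, weighted random draw within a priority, weight-0 records drawn last) plus the walk-the-list-on-failure behaviour William describes. It goes beyond the thread in implementing the full weighted draw rather than equal-weight round robin. `FakeDns`, `SAMPLE_ZONE`, the `example.test` names and the `NxDomain` exception are stand-ins constructed for this example; they are not a real resolver, real hosts, or anything IE or MS DNS Server do.

```python
import random
from dataclasses import dataclass


class NxDomain(Exception):
    """Stands in for DNS rcode 3 ("Name Error" / nonexistent domain)."""


@dataclass(frozen=True)
class SrvRecord:
    """One SRV RR: lower priority is tried first; weight spreads load within a priority."""
    priority: int
    weight: int
    port: int
    target: str


def order_srv(records, rng=None):
    """Order SRV records for connection attempts following the RFC 2782 client rules.

    Priorities are walked ascending, so backup hosts carry a higher priority number
    and are reached only after every host of a lower number has been tried. Within
    one priority the next record is drawn at random in proportion to its weight, so a
    host on a faster link can be given the larger share. Weight-0 records are placed
    first in the candidate list, which makes them the pick only when the draw is 0.
    """
    rng = random.Random() if rng is None else rng
    ordered = []
    for prio in sorted({r.priority for r in records}):
        bucket = [r for r in records if r.priority == prio]
        bucket.sort(key=lambda r: r.weight != 0)  # weight 0 first, otherwise stable
        while bucket:
            total = sum(r.weight for r in bucket)
            pick = rng.randint(0, total)
            running = 0
            for i, r in enumerate(bucket):
                running += r.weight
                if running >= pick:  # first record whose running sum reaches the draw
                    ordered.append(bucket.pop(i))
                    break
    return ordered


class FakeDns:
    """Constructed stand-in for a name server (not a real resolver): a zone dict keyed
    by (owner name, type). A name/type pair absent from the zone answers rcode 3."""

    def __init__(self, zone):
        self.zone = {(name.lower(), qtype): list(rrs) for (name, qtype), rrs in zone.items()}

    def query(self, name, qtype):
        try:
            return list(self.zone[(name.lower(), qtype)])
        except KeyError:
            raise NxDomain(f"{name} {qtype}") from None


WELL_KNOWN_PORTS = {"http": 80, "https": 443}


def resolve_endpoints(dns, host, service="http", proto="tcp", rng=None):
    """Candidate (address-or-host, port) pairs in the order a client should try them.

    Mirrors the thread's proposal: query A first and use the addresses on the
    service's well-known port; only on rcode 3 fall back to an SRV query for
    _<service>._<proto>.<host>. A second rcode 3 propagates to the caller, the
    point at which a browser would report the error to the user.
    """
    try:
        addrs = dns.query(host, "A")
    except NxDomain:
        srvs = dns.query(f"_{service}._{proto}.{host}", "SRV")
        return [(r.target, r.port) for r in order_srv(srvs, rng)]
    return [(addr, WELL_KNOWN_PORTS[service]) for addr in addrs]


def connect_with_fallback(candidates, try_connect):
    """Walk the candidate list until one endpoint accepts; returns it, or None."""
    for host, port in candidates:
        if try_connect(host, port):
            return (host, port)
    return None


# Constructed sample zone (not real hosts): example.test has plain A records, while
# srv-only.example.test is reachable solely through SRV: two primaries at priority 10
# weighted 60/40 and a backup at priority 20 used only when both primaries fail.
SAMPLE_ZONE = {
    ("example.test", "A"): ["192.0.2.10", "192.0.2.11"],
    ("_http._tcp.srv-only.example.test", "SRV"): [
        SrvRecord(priority=10, weight=60, port=8080, target="big.example.test"),
        SrvRecord(priority=10, weight=40, port=8080, target="small.example.test"),
        SrvRecord(priority=20, weight=0, port=80, target="backup.example.test"),
    ],
}


if __name__ == "__main__":
    dns = FakeDns(SAMPLE_ZONE)
    print(resolve_endpoints(dns, "example.test"))
    plan = resolve_endpoints(dns, "srv-only.example.test", rng=random.Random(7))
    print(plan)

    def only_backup_up(host, port):  # simulate both primaries being down
        return host.startswith("backup")

    print(connect_with_fallback(plan, only_backup_up))
```

Passing `rng` lets the caller inject a fixed generator; the two primaries then come out in a reproducible order, which is also what makes the weighted draw testable. In real deployments the TTL caveat from the thread still applies: a cached SRV set is only as fresh as its TTL, so pulling a failed host out of the zone does not reach clients until that expires.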