RE: OT: DNS Question

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 23 Sep 2005 11:22:30 -0500

Hi Shawn,

Good points. And then there's the habit of the Windows DNS client to
suppress addresses that don't work for X number of minutes, even if
there was a momentary connection problem.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

> -----Original Message-----
> From: Quillman Shawn (RBNA/CSA1) * 
> [mailto:Shawn.Quillman@xxxxxxxxxxxx] 
> Sent: Friday, September 23, 2005 11:09 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: OT: DNS Question
> 
> http://www.ISAserver.org
> 
> 
> Keep in mind that in general DNS round-robin gets flaky at the
> application level since it's up to the application to determine how it
> handles resolution responses.  If the app don't know 
> round-robin you'll
> get incosistent results at best, and you know how many 
> developers are in
> tune with networking theories and security...
> 
> For example:
> host1.blah.com.       IN      A       192.168.0.1
> host1.blah.com.       IN      A       192.168.0.2
> 
> Query 1 for host1.blah.com returns:
> 192.168.0.1,192.168.0.2
> 
> Query 2 for host1.blah.com returns:
> 192.168.0.2,192.168.0.1
> 
> Query 3 returns
> 192.168.0.1,192.168.0.2
> 
> Etc.
> 
> Say 192.168.0.1 goes down, a client's resolver caches that 
> response, AND
> the app don't know round-robin.  Regardless of the state of 
> 192.168.0.2,
> the client's hosed until either 192.168.0.1 comes back up or 
> the TTL on
> the record lapses.
> 
> RR has certainly been around long enough.  In most cases, in my
> experience anyway, it's only been useful to make sure that at 
> least some
> people don't lose access.  I'd agree that you're relatively 
> safe in the
> mail world since mail's such a commodity service and is so in bed with
> DNS, but definitely play with it first :)  And maybe keep low TTL's on
> the RR records.  You can always then go in and whack the one record
> whose host is down if necessary to force all responses to 
> resolve to the
> host that's up.
> 
> >-----
> >Robert Bosch Corporation
> >Technical Systems Analyst (RBNA/CSA1)
> >Corporate Sales Reporting Systems
> >38000 Hills Tech Drive - Farmington Hills, MI 48331 - USA
> >phone: 1 (248) 553-1164    fax: 1 (248) 848-6969
> >shawn.quillman@xxxxxxxxxxxx
> >http://www.bosch.us
> 
> -----Original Message-----
> From: Steve Moffat [mailto:steve@xxxxxxxxxx] 
> Sent: Friday, September 23, 2005 11:41 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: OT: DNS Question
> 
> http://www.ISAserver.org
> 
> Cool...thats what I thought
> 
> Thanks 
> 
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
> Sent: Friday, September 23, 2005 12:23 PM
> To: ISA Mailing List
> Subject: [isalist] RE: OT: DNS Question
> 
> http://www.ISAserver.org
> 
> Hi Steve,
> 
> You can create two Host (A) records for mail.bldc.com.
> 
> The create an MX record for mail.bldc.com.
> 
> Enable DNS RR on the DNS server.
> 
> That should do it, unless this capsicum has gone to my brainium, borax
> and abominable cavity.
> 
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> 
>  
> 
> > -----Original Message-----
> > From: Steve Moffat [mailto:steve@xxxxxxxxxx]
> > Sent: Friday, September 23, 2005 10:14 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] OT: DNS Question
> > 
> > http://www.ISAserver.org
> > 
> > Normally, I'm quite good at DNS, (STFU Greggo....:), but I 
> cant get my
> 
> > head around this one...:)
> > 
> > No ISA involved yet....it's on the cards.
> > 
> > Client has 1 dedicated line and 1 ADSL line.  Heh heh not a load 
> > balancing or teaming question.
> > 
> > Dedicated line has an fqdn of mail.bldc.com
> > 
> > ADSL line has an fqdn of mail2.bldc.com (Static IP)
> > 
> > Now...I want to be able to resolve mail.bldc.com to both 
> IP's, is this
> 
> > possible in DNS, externally hosted?.....so that if one line 
> is down, 
> > it'll go to the other.
> > 
> > Thanks
> > 
> > Steve
> > 
> > The correct technical term for haggis stalking is "havering". 
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org 
> Discussion List as:
> 
> > tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit 
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> isalist@xxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> The correct technical term for haggis stalking is "havering". 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> shawn.quillman@xxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 

Other related posts:

• » OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question
• » RE: OT: DNS Question

1. Home
2. isalist
3. Archive
4. 09-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---