Re: Problems with load balancing on slave server
From: Men & Mice Support
Date: Tuesday, August 7, 2001
Time: 1:44:21 am

At 7:53 AM -0700 8/7/01, Noah Patton wrote:
>I just recently upgraded from QuickDNS 2.2.1 to QuickDNS 3.5, and am
>experiencing some very strange behavior.
>
>When I create a new zone with a load balancing record, the domain
>looks fine on the primary name server, and when testing with the
>load balancer, or with my own manual test (taking down one server,
>etc) it works fine on the primary name server.
>
>However, when I look at the zone on the secondary name server, it
>has some very strange entries - notably, there are two new entries
>made - both called www, with a TTL of 300 (the TTL I set for the
>load balance record), with a type of NS, and data of
>ns2.universalmac.com and ns.universalmac.com (my primary and
>secondary name servers).
This is perfectly normal.
>The load balance record is still there, however, if I look at it it
>has a TTL value of 86400 (the default) instead of the 300 I set it
>to.
I was just noticing this type of thing with another customer's load
balance record. It may be a bug. I'll check with our engineers and
get back to you.
>Load balancing for the secondary DNS server does not work at all,
>when tested with the LB tester it always returns the secondary web
>server or non load balanced result about 1 in 25.
That indicates that QuickDNS Load Balancer on the slave server is not
able to contact the main web server, and has some trouble contacting
the backup web server.
>Here's what the primary zone looks like:
>
>@ IN NS ns.universalmac.com.
>@ IN NS ns2.universalmac.com.
>@ IN MX 10 mail
>@ IN MX 20 mail2
>@ IN A 208.30.235.242
>mail2 IN A 208.30.235.242
>mail IN A 63.228.116.133
>
>Load balance record:
>
>Name: www
>TTL: 300
>Interval: 30
>Hostlife: 60
>Protocol: HTTP
>Host addreses:
>208.30.235.242 preference 100
>63.228.116.133 preference 1
>
>Here's what the secondary zone looks like:
>
>@ IN NS ns.universalmac.com.
>@ IN NS ns2.universalmac.com.
>@ IN A 208.30.235.242
>@ IN MX 10 mail
>@ IN MX 20 mail2
>www 300 IN NS ns2.universalmac.com.
>www 300 IN NS ns.universalmac.com.
>mail IN A 63.228.116.133
>mail2 IN A 208.30.235.242
>
>Load balance record:
>
>Name: www
>TTL: 86400
>Interval: 30
>Hostlife: 60
>Protocol: HTTP
>Host addreses:
>208.30.235.242 preference 100
>63.228.116.133 preference 1
>
>Note the two odd www entries, only present on the secondary server.
Again, this is perfectly normal.
>The goal of load balancing in this case is purely for redundancy,
>which is why I set the preference values to 100 and 1 - so that all
>my traffic will go to 208.30.235.242 when it is up, if it's down,
>then the traffic should go to 63.228.116.133. I could adjust these
>values if necessary, but 208.30.235.242 has significantly more
>bandwidth than 63.228.116.133 and a much more powerful server.
>
>There are currently 25 zones being served by these two DNS servers,
>pretty much all of them look the same, and are having the same load
>balancing problem.
>
>After I configured all this, I read on this list that load balancing
>20 servers might be a bad idea due to the overhead caused by the
>interval checking.
>
>However, all 25 of these servers combined generate less than 500
>hits a day, and are running on a 869Kbit internet connection on a
>PowerMac G3 400mhz B&W running WebStar 4.4 for 208.30.235.242 and a
>128Kbit internet connection on a PowerMac 8100/80 running WebStar
>4.3 for 63.228.116.133 at a remote location.
The amount of traffic these sites see is not relevant to the issue at
hand - QuickDNS Load Balancer's connections to the web servers don't
show up in the logs.

The issue is, for each load balance record, Load Balancer must
connect to each web server once every 30 seconds. With 25 load
balance records, that's almost 2 connections per second. QuickDNS
Load Balancer wasn't built to handle much traffic; it was built to be
a low-resource-using background application.
>208.30.235.242 is behind an IPNetRouter gateway. QuickDNS 3.5 runs
>on the same box as IPNetRouter, I port mapped UDP 53 to enable
>QuickDNS to communicate. The WebStar 4.4 server itself is on a
>separate box behind the firewall.
>
>Is the number of domains I am load balancing, or the IPNetRouter
>gateway itself causing problems? I can reduce the need for load
>balancing records by creating CNAMEs for as many hosts as possible,
>but I will still have 15 or more domains and am going to be adding
>quite a few more in the near future.
Can you set up 24 of these 25 zones with CNAME records named www,
instead of load balance records?
>Should I be using fully qualified names for load balancing records,
>or does it make a difference?
Actually, you'll find that you can't use fully qualified domain names
when creating load balance records. QuickDNS Manager won't let you.
This is intended to screen against names outside the zone.
>I have also tried taking the gateway completely offline so that
>QuickDNS 3.5 is the only service running on 208.30.235.242 and then
>re-creating the zone manually or with the assistant, either way the
>result is the same. Therefore, I believe IPNetRouter is not getting
>in the way at this point.
>
>The DNS server that load balancing works properly with,
>ns.universalmac.com, properly pushes people to 208.30.235.242 99% of
>the time, and to 63.228.116.133 only on rare occasion, which is
>exactly what I want. Therefore, I believe that IPNetRouter and my
>internal WebStar server accessed at 208.30.235.242 are not part of
>the problem.
>
>Which leaves me just with this strange anomaly on the secondary
>server at 208.30.235.242. Any ideas?
I could check things out a bit if you gave me the full name of one or
more of these load balance records.

However, it sounds to me like perhaps you should increase the
Hostlife value a bit (to 90, for example), to see if giving it more
time will improve things. And replace as many load balance records
with CNAME records as possible.
>When I check out all 25 domains with DNS Expert Professional, they
>all come out clean except for a need for a ptr record for the mail
>server at 63.228.116.133 (Just how big of a problem is that,
>anyways? Mail has been consistently working for years without
>complaint)
It seems to come up pretty rarely, judging by the number of questions
I get regarding this. However, if you should ever need to send mail
to an account @skynet.be, for example, make sure you either have your
PTR record in order or else route the message through your NSP's mail
server (with their permission, of course).
>Perhaps there is a better way to achieve the redundancy I am looking
>for? It occurred to me that if I intentionally fragmented the zone
>data so that the primary DNS server gave the primary web server IP's
>and the secondary DNS server gave the secondary web server IP's, I
>would get the result I am looking for, but that seems like very bad
>policy.
Actually, the only problems with this approach are:
- double the effort when creating or modifying zones, and
- far less control over the proportion of traffic directed to each server.

I've seen knowledgeable people state that this is a very bad way to
do things, and that it will somehow break something, but I don't see
how.
____________________________________________________________________
Chris Buxton Men & Mice
cbuxton@menandmice.com We Make DNS Easy!