This is a discussion on Re: How to find ver in BIND 8.x for NT? within the Bind Users forums, part of the DNS and Related Forums category.
At 7:48 PM -0400 2005-05-17, Danny Mayer wrote:
> Because of a number of architectural issues that were finally fixed
> in BIND 9.3.0 and 9.2.4 I don't recommend any version of BIND
> earlier than those and none of the BIND 8 versions.

Good advice.

> BIND 9 does
> support round robin but I have no idea what you mean by round robin
> through multiple CNAME's nor why you need to use multiple CNAME's.

I'm not sure, but he may be talking about the same CNAME trick we were using at AOL to do very crude round-robin load-balancing for americaonline.aol.com (the hostname that the AOL client connects to, if you bring your own access).

What it amounts to is a CNAME chain, with multiple CNAME records at certain levels. So, americaonline.aol.com might have multiple aliases pointing to dial.internet.aol.com, dial1.internet.aol.com, .... dialXXXX.internet.aol.com. Likewise, each of the dialXXXX.internet.aol.com names would have multiple CNAME records pointing to 1.internet.aol.com, 2.internet.aol.com, ... YYY.internet.aol.com, and the actual A records are only associated with the final CNAME target.

The cool thing is that, when you do anything other than a CNAME query for a given hostname, only one path down the CNAME chain will be followed. Just two numeric digits in the CNAME aliases for two levels could give you ten thousand different final sets of target IP addresses, and each final set would be relatively limited in size.

Anyway, we couldn't use it for mail, because you can't point MX records at CNAMEs, but it worked a treat for americaonline.aol.com.

However, I believe that this is an old trick that works under BIND-8 and not under BIND-9. IIRC, this wasn't technically illegal according to the original spec and BIND-8 allowed it, but apparently BIND-9 tightened up on this issue (perhaps in response to some newer guidance?).

If you check the authoritative nameservers for AOL, you will find that dns-01.ns.aol.com through dns-09.ns.aol.com appear to be running BIND 9.2.3rc1-9.4.0a0 (according to fpdns.pl), while internet.aol.com is delegated to two other nameservers (aol-23a.aol.com and aol-23b.aol.com), both of which appear to be running BIND 8.3.0rc1-8.4.4 (according to fpdns.pl).

Interestingly, these latter two machines also appear to have recursion enabled. I'll have to have a talk with the hostmaster folks.

--
Brad Knowles, <brad@stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755

SAGE member since 1995. See <http://www.sage.org/> for more info.
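An added example, not part of the post above and not BIND code: a small model of the multi-CNAME chain the post describes, showing that an A query follows a single path, how many paths a layout yields, and which owner names carry more than one CNAME. The zone data, the `.example` names, the addresses and all function names are constructed for illustration.

```python
import random
from collections import defaultdict

# Constructed zone data mirroring the post's two-level layout under a
# placeholder domain; addresses are documentation-range values.
ZONE = [
    ("americaonline.example.", "CNAME", "dial1.internet.example."),
    ("americaonline.example.", "CNAME", "dial2.internet.example."),
    ("dial1.internet.example.", "CNAME", "1.internet.example."),
    ("dial1.internet.example.", "CNAME", "2.internet.example."),
    ("dial2.internet.example.", "CNAME", "3.internet.example."),
    ("dial2.internet.example.", "CNAME", "4.internet.example."),
    ("1.internet.example.", "A", "192.0.2.1"),
    ("2.internet.example.", "A", "192.0.2.2"),
    ("3.internet.example.", "A", "192.0.2.3"),
    ("4.internet.example.", "A", "192.0.2.4"),
]

def index(records):
    """Group rdata by (owner, type)."""
    idx = defaultdict(list)
    for owner, rtype, rdata in records:
        idx[(owner, rtype)].append(rdata)
    return idx

def resolve_a(idx, name, rng, max_hops=8):
    """Answer an A query: at each alias pick ONE CNAME, then return the A set."""
    path = [name]
    for _ in range(max_hops):
        targets = idx.get((name, "CNAME"))
        if not targets:
            return path, list(idx.get((name, "A"), []))
        name = rng.choice(targets)
        path.append(name)
    raise RuntimeError("CNAME chain too long or looping")

def count_paths(idx, name, depth=0, max_hops=8):
    """Number of distinct chains from name down to a non-alias name."""
    if depth > max_hops:
        raise RuntimeError("CNAME chain too long or looping")
    targets = idx.get((name, "CNAME"))
    if not targets:
        return 1
    return sum(count_paths(idx, t, depth + 1, max_hops) for t in targets)

def multi_cname_owners(idx):
    """Owner names carrying more than one CNAME record."""
    return sorted(o for (o, t), v in idx.items() if t == "CNAME" and len(v) > 1)
```

With 100 aliases at each of two levels, `count_paths` would return the ten thousand paths mentioned in the post; `multi_cname_owners` lists the names a zone audit would flag before moving such data to a server that accepts only one CNAME per owner.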