[Pdns-users] Zone transfers and load balancing PowerDNS.
Norbert Sendetzky
norbert at linuxnetworks.de
Sat Aug 2 15:22:51 UTC 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Saturday 02 August 2003 01:26, Mike Benoit wrote:
> One of the main issues we face is with zone transfers and our
> replicated MySQL backend. MySQL only supports Master -> Slave
> replication (Master <-> Master would solve this issue of course),
> so all zone transfers have to go to NS1 (Master), which will then
> be replicated to NS2 by MySQL itself. Now in a load balanced
> system, we can't control, or even force zone transfers to go to
> NS1.
Master <-> Master replication is difficult, because it is not
working correctly if a record is changed on both masters at the same
time.
The real problem in your situation seems to be the loadbalancer which
seem to rewrite the packets regardless where they are coming from.
Normally the slave (your master) requests a zone transfer from the
authoritive name server by opening a tcp connection and asking for a
specific zone (if I understood it correctly and don't look at
notifications from the authoritive name server). Though the request
comes from behind the load balancer, it must not rewrite the answer
packets and all level 4 loadbalancer do this.
> I was thinking perhaps adding a new option to PowerDNS similar to
> how LDAP works. When a request to write to the database comes in to
> a slave name server, it basically just connects to the master
> database server and forwards the SQL query off to it. (which then
> immediately replicates back to the slave database server)
LDAP only send a referral back to the client saying: I'm not allowed
to make updates, use this server instead.
A solution to your problem would be to replace the master behind the
loadbalancer by another slave and connecting the master directly to
the internet so it can do zone transfers without intermediate
loadbalancer.
Norbert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj8r10sACgkQxMLs5v5/7eCgdACdFUbOGV8ge5TIuii12vZhq6U0
IgIAn2UGL6HKwhreATGAV8AT3qH2+vB6
=LvvG
-----END PGP SIGNATURE-----
More information about the Pdns-users
mailing list