[prev in list] [next in list] [prev in thread] [next in thread]
List: loadbalancing-l
Subject: RE: "[load balancing] DNS Loadbalancing"
From: "crazy" <crazy () masterofdarkness ! de>
Date: 2003-05-24 19:45:38
[Download RAW message or body]
The way back is the problem... as far as I understand it the situation is: you want \
to make a zone transfer to get a zone from an external DNS server to your DNS servers \
behind the Alteon. Your reals will try to establish a session to the world outside. \
They will use their eth0 IP and a user port as src. The packet will arrive on \
interface 4 of the Alteon but the Alteon will not RIP to VIP translate the packet. \
The Alteon will do the RIP to VIP translation only if the source port is a lb'ed port \
(in your config: dns (53), ntp (123), smtp (25) and port 873). All other packets will \
just be routed/forwarded.
You should try to get a sniff of the traffic in front of the Alteon and see what is \
happening there. I guess you will find packets with the addresses of your real DNS \
servers there... try a simple tcpdmp on dns1 and start the zonetransfer manual \
(named-xfer) - you should see a SYN going out. What else? Is the SYN-ACK coming \
back???
[Attachment #3 (text/html)]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1126" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>The way back is the problem... as far as I
understand it the situation is: you want to make a zone</FONT></DIV>
<DIV><FONT face=Arial size=2>transfer to get a zone from an external DNS
server to your DNS servers behind the Alteon. Your</FONT><FONT
face=Arial size=2> reals</FONT></DIV>
<DIV><FONT face=Arial size=2>will try to establish a session to the world
outside. They </FONT><FONT face=Arial size=2>will use their eth0 IP and a user
port as src.</FONT></DIV>
<DIV><FONT face=Arial size=2>The packet will </FONT><FONT face=Arial
size=2>arrive on interface 4 of the </FONT><FONT face=Arial size=2>Alteon but
the Alteon will not RIP to VIP translate the packet. The Alteon will do the RIP
to VIP </FONT><FONT face=Arial size=2>translation only if the source port is a
lb'ed port (in your config: dns (53),</FONT></DIV>
<DIV><FONT face=Arial size=2>ntp (123), smtp (25) </FONT><FONT face=Arial
size=2>and port 873). All other packets will just be routed/forwarded.
</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>You should try to get a sniff of the traffic in
front of the Alteon and see what is happening there. I guess </FONT></DIV>
<DIV><FONT face=Arial size=2>you will find packets with the addresses of your
real DNS servers there... try a simple tcpdmp on dns1</FONT></DIV>
<DIV><FONT face=Arial size=2>and start the zonetransfer manual (named-xfer) -
you should see a SYN going out. What else? Is the</FONT></DIV>
<DIV><FONT face=Arial size=2>SYN-ACK coming back???</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV></BODY></HTML>
____________________
The Load Balancing Mailing List
Unsubscribe: mailto:majordomo@vegan.net?body=unsubscribe%20lb-l
Archive: http://vegan.net/lb/archive
LBDigest: http://lbdigest.com
MRTG with SLB: http://vegan.net/MRTG
Hosted by: http://www.tokkisystems.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic