Maintained by: NLnet Labs

[Unbound-users] patch implementing round robin rrsets

Thijs Kinkhorst
Wed Mar 7 18:26:15 CET 2012


On Wed, 7 Mar 2012 17:59:48 +0100, Olaf Kolkman <olaf at NLnetLabs.nl> wrote:
> On Mar 7, 2012, at 4:49 PM, Tony Finch wrote:
> 
>> Olaf Kolkman <olaf at NLnetLabs.nl> wrote:
>>> 
>>> But you could reasonably ask whether those load balancing properties
>>> should be under the control of the authoritative or the recursive name
>>> server.
>> 
>> Indeed :-)
>> 
>> The problem with saying it must only be the authority's job is that in
>> situations like ours (which being a university is I guess not that
>> different from Thijs's) the user population do not use very many
>> different
>> resolvers, so the authorities do not get the opportunity to serve up
lots
>> of different RR set orderings, unless you go for ridiculously short
TTLs.
> 
> 
> So, you want to do traffic management to infrastructure within your own
> administrative domain with the resolver. If that is indeed the use case
it
> is an argument for making an option like this configurable on a per
domain
> basis, when you consciously want to overwrite the intention of the
domain
> holder.

The order of records in an rrset is not defined: it's a set. If you return
them in a different order at the resolver, you're not overwriting any
'intention' of the domain holder, as there's no expressed intention. Set
(a,b,c) is the same set as (a,c,b), afterall.

I would not be in favour of such a configuration option, as that adds
complexity to the proposed patch which in my opinion is not needed: if auth
returns (a,b,c) and resolver returns (a,c,b), both have returned the exact
same set. What would you want to gain with such an option?


-- 
Thijs Kinkhorst <thijs at uvt.nl> – LIS Unix

Universiteit van Tilburg – Library and IT Services
Bezoekadres > Warandelaan 2 • Tel. 013 466 3035 • G 236