[Techtalk] DNS server load balancing

Magni Onsoien magnio+lc-techtalk at pvv.ntnu.no
Wed Oct 17 12:39:56 UTC 2007


I am looking at a solution for load balancing traffic to top level
domain DNS servers.

Today we have 6 authoritative name servers, some of them unicast based and
some anycast. We plan to expand this structure by adding more anycast
servers in several parts of the country.

To make this solution as robust as possible we want several servers in
some of the anycast sites (due to possible network isolation we can't be
sure the clients in the area can actually reach other servers but they
may still want to connect to local services), and I am looking at load
balancing solutions for this so we can increase redundancy and robustness
by having several servers here.

My plan is to distribute the zone data to all slaves (unicast and
anycast and load balanced and everyone). The load balancer will
then send traffic to them to balance load, and if one of them fails for
some reason, the other will get all the traffic. Preferably the balancer
will detect a failure only in the service, too, even if the ethernet
port still receives traffic.

The traffic here will be DNS traffic, i.e. UDP and TCP on port 53, but
it may be "strange" traffic, like DNSSEC or other future protocol
variations, so the balancer should accept anything that comes on these
ports and not just dump it because it didn't match the protocol exactly.

I haven't looked at many products yet, since it's a bit hard to search
for exactly this scenario (which is not the same as round robin DNS to
load balance traffic to other services), but I hope some of the chix
know something I could look at - or what completely useless products to

Thanks in advance!

Magni :-)
sash is very good for you.
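The post asks for two things a balancer in front of authoritative servers must do: detect a failure of the DNS service itself rather than just the interface, and accept plain, TCP and DNSSEC (EDNS0) traffic on port 53 without dropping it. The following service-level health probe is an added example by the editor, not code from the post or from any product the poster considered. It builds a raw SOA query with the standard library only (no dnspython), leaves RD clear because it talks to an authoritative server rather than a resolver, appends an OPT record with the DO bit so the DNSSEC code path is exercised, and speaks both UDP and TCP (falling back to TCP when the UDP answer is truncated). A server is judged healthy only if it returns an authoritative (AA) NOERROR answer for the zone, which is what a balancer should test before sending traffic. The zone name and server address used in `main` are placeholders (RFC 5737 TEST-NET), and `make_response` fabricates a response header for offline testing.

```python
"""Service-level DNS health probe for an authoritative server (added example).

Assumptions (not from the original post): the zone to probe and the server
address are placeholders; run against a real slave by editing main().
"""
import random
import socket
import struct

QTYPE_SOA = 6     # probe the zone apex; every authoritative slave must answer it
QCLASS_IN = 1
OPT_TYPE = 41     # EDNS0 pseudo-RR, carries the DNSSEC OK (DO) bit


def encode_name(name):
    """Wire-encode a domain name as length-prefixed labels plus the root label."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += struct.pack("B", len(label)) + label.encode("ascii")
    return out + b"\x00"


def build_query(qname, qtype=QTYPE_SOA, qid=None, edns_do=True):
    """Return (id, wire message). RD is left clear: we want the server's own
    authoritative answer, not recursion. With edns_do an OPT RR (payload
    size 4096, DO=1) is appended so the probe also exercises DNSSEC handling."""
    if qid is None:
        qid = random.randint(0, 0xFFFF)
    arcount = 1 if edns_do else 0
    header = struct.pack("!HHHHHH", qid, 0x0000, 1, 0, 0, arcount)
    question = encode_name(qname) + struct.pack("!HH", qtype, QCLASS_IN)
    opt = b""
    if edns_do:
        # OPT RR: root name, TYPE 41, CLASS=UDP payload size, TTL=ext-rcode/version/flags, RDLEN 0
        opt = b"\x00" + struct.pack("!HHBBHH", OPT_TYPE, 4096, 0, 0, 0x8000, 0)
    return qid, header + question + opt


def parse_header(data):
    """Decode the 12-byte DNS header; raises ValueError on a short message."""
    if len(data) < 12:
        raise ValueError("short DNS message")
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", data[:12])
    return {"id": qid, "qr": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
            "tc": bool(flags & 0x0200), "rcode": flags & 0x000F,
            "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}


def judge(data, expected_id):
    """Decide whether a response proves the *service* is serving the zone.
    A reachable port that answers SERVFAIL/REFUSED, or answers without AA
    (zone not loaded on this slave), is reported as unhealthy."""
    try:
        h = parse_header(data)
    except ValueError as e:
        return False, str(e)
    if h["id"] != expected_id:
        return False, "id mismatch"
    if not h["qr"]:
        return False, "not a response"
    if h["rcode"] != 0:
        return False, "rcode %d" % h["rcode"]
    if not h["aa"]:
        return False, "not authoritative (zone missing or stale slave?)"
    if h["ancount"] < 1:
        return False, "no answer records"
    return True, "ok"


def make_response(qid, flags, ancount):
    """Constructed sample: a bare response header for offline testing."""
    return struct.pack("!HHHHHH", qid, flags, 1, ancount, 0, 0)


def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise OSError("connection closed mid-message")
        buf += chunk
    return buf


def check_server(ip, zone, port=53, transport="udp", timeout=2.0):
    """Probe one server over UDP or TCP; returns (healthy, reason)."""
    qid, msg = build_query(zone)
    family = socket.AF_INET6 if ":" in ip else socket.AF_INET
    try:
        if transport == "udp":
            with socket.socket(family, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(msg, (ip, port))
                data, _ = s.recvfrom(4096)
        else:
            # DNS over TCP: two-byte length prefix on request and response
            with socket.create_connection((ip, port), timeout=timeout) as s:
                s.sendall(struct.pack("!H", len(msg)) + msg)
                length = struct.unpack("!H", _recv_exact(s, 2))[0]
                data = _recv_exact(s, length)
    except (socket.timeout, OSError) as e:
        return False, "transport error: %s" % e
    # Truncated UDP answer: the server is alive, but verify the full answer over TCP
    if transport == "udp" and len(data) >= 12 and parse_header(data)["tc"]:
        return check_server(ip, zone, port, "tcp", timeout)
    return judge(data, qid)


if __name__ == "__main__":
    # Placeholder target (RFC 5737 TEST-NET); replace with a real slave and zone.
    for transport in ("udp", "tcp"):
        print(transport, check_server("192.0.2.53", "example.", transport=transport))
```

A balancer health check built this way pulls a server out of rotation when the daemon is wedged, when a slave has expired or never loaded the zone (no AA bit), or when it answers REFUSED, none of which a port-open or ping check would catch; probing over TCP as well confirms the TCP listener the poster wants kept open is actually serving.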

