What is the practical limit for IP addresses in DNS round-robin?

domain-name-system traffic load-balancing

I'm currently running a site whose trafic is distributed among 7 mirror servers right now (using DNS round robin). But soon more mirrors will be necessary given the high amount of traffic which is permanently growing.

Is there any practical o recommended limit for the number of IP addresses associated to a given domain name when using round robin DNS ??

Also, what kind of solution would you recommend when the number of mirrors is high (e.g. more than 10 or 20 mirrors)?

Thanks.


Solution 1:

One thing to bear in mind is that by default, DNS lookups use UDP. If the response is larger than can fit in a single datagram, as many as will fit are returned and the TC (truncated) bit is set in the header.

The requester can choose to work with what was returned, or re-attempt the query using TCP.

Caching DNS servers are not supposed to cache truncated responses, as they don't know how complete the set of records returned is (the response doesn't say "I am giving you 12 of 28 records").

So the maximum number of records is a factor of how much you can stick in a UDP datagram. Remember that the response needs to include the authority section, which will vary in size based on the SOA record for the zone.

If you are using CNAME records, that will also increase the size of the response, as you get back the CNAME and the A record of the thing pointed to.

Your best bet is to play around with various numbers of A records using dig or "host -v" to see when the query crosses the max size of a UDP response.

Solution 2:

There is no hard limit, but most sites do not run more than 5 or 10 mirrors. Mirroring through DNS round robin is most useful if the sites are geographically separate so that there is redundancy in addition to load sharing.

As the number of mirrors increases, the efficiency of using DNS round robin as load sharing decreases because DNS round robin does not account for different requests requiring more resources. It is better to use front end load balancing to distribute the workload by CPU load and server availability, which will also simplify maintenance since a server can be immediately taken down without a DNS change resulting in clients trying to access a downed server from cached DNS records.

Related

White noise as a system monitoring aid? Real or myth?
Why is the "www." sometimes necessary? [duplicate]
How to interrupt stuck bash tab completion?
lftp: how to copy file on remote server
How can I tell which interface my Supemicro IPMI is piggybacking on?
How do I configure another instance of redis on ubuntu?
Blocking apache access via user agent string
Can 'Domain Users' join computers to the domain?
Deleting everything except newest files
In TCP/IP terms, how does a download speed limiter in an office work?
Why won't tcpdump write a pcap file?
Can anyone monitor my ssh (scp) file transfers