TinyDNS load balance option not working…?
We have redundant load balanced WAN links with a pair of pfSense servers set up with CARP. Everything is working great and we decided to host our own DNS for some domains. The obvious choice here is to use pfSense again! :)
We're a little paranoid though, so we'd rather not run DNS on the actual firewalls.
pfDNS appears to be in a state of flux, and we do have some VMware hosts in our DMZ, so we simply downloaded the VMware image of 1.2.2 and added the TinyDNS package.
Basic testing shows everything is just peachy - TinyDNS works great, serves up whatever records we enter.
But when we add an alternate IP to an A record and check the option for load balancing, TinyDNS seems to completely ignore the option and will only hand out the primary IP (though it will still fail over properly to the alternate if it has something to check and decides the primary is no good).
The easy answer of course is to just add another A record with the primary and alternate swapped, and let it do round-robin (RR), but if one of our connections goes down it will then hand back a duplicate response with the same IP. Not the end of the world, but I'm sure there's some badly coded app out there that will freak out in that scenario, so I'm trying to get RR to work using the alternate IPs on a single A record.
Hesitating to file a bug report in case I'm just missing and/or misinterpreting something obvious - has anybody else run into this…?
This may be a non-issue. The following command issued in a failover scenario with RR:
dig @ns.domain.com A www.domain.com
…produces the duplicate entry response described above.
But a simple:
dig A www.domain.com
...returns just the one record. Apparently just a feature/bug of dig.