DNS Resolver - Domain with Multiple IP's (Round Robin)

Hass · Aug 23, 2019, 11:18 PM

I currently have dnsmasq running on a VM with a Round Robin configuration and it works great as it provides a list of IP's and changes the order on every request. So providing a basic level of load balancing without the impact of putting a load balancer in front.

I'm trying to move this to our DNS Resolver running on pfSense. I saw in a 2016 post from @johnpoz that the only way to get a list of IP's for a given name in DNS Resolver was to leverage the custom option and do something like this:

Extract from post:
server:
local-data: "host.example.com A 10.10.10.1"
local-data: "host.example.com A 10.10.10.2"
local-data: "host.example.com A 10.10.10.3"

However as far as I can tell the order never changes. Does anyone know if this possible to get this feature that dnsmasq (DNS Forwarder) supports in DNS resolver?

Thanks

Hass

johnpoz · Aug 23, 2019, 11:34 PM

Not sure when I wrote that.. do you still happen to have link to that old thread handy?

If I am not mistaken its not really the requirement of ns to return them in random order, when more than one RR is returned the client should randomly pick one.. A while back unbound did not even have an option to set that... But in one of updates they did add
rrset-roundrobin:

Which default to no... So if you set it to yes.. Then you can then get it to hand out random

I just validated this

then when you query you get back random order.

$ dig @192.168.9.253 host.example.com +short
10.10.10.1
10.10.10.2
10.10.10.3

$ dig @192.168.9.253 host.example.com +short
10.10.10.3
10.10.10.1
10.10.10.2

$ dig @192.168.9.253 host.example.com +short
10.10.10.1
10.10.10.2
10.10.10.3

$ dig @192.168.9.253 host.example.com +short
10.10.10.2
10.10.10.3
10.10.10.1

Hope that helps!

KOM · Aug 23, 2019, 11:35 PM

Unbound examples I see talk about this option: rrset-roundrobin: yes.

https://forum.netgate.com/topic/120486/round-robin-for-dns-forwarder-network-address/3

Edit: Haha you got it straight from the horses mouth.

johnpoz · Aug 23, 2019, 11:35 PM

hehe - beat you too it @KOM, your too slow ;) heheheh

KOM · Aug 23, 2019, 11:36 PM

What can I say, I'm old.

johnpoz · Aug 23, 2019, 11:37 PM

heheeh - you older than me? I turn the big double nickel here in 6 short months :( Only good thing is going to be able to get some senior discounts... The track is half price to get in for GA ;) 4 bucks vs 8... hehehe

KOM · Aug 23, 2019, 11:38 PM

53 in October.

johnpoz · Aug 24, 2019, 5:48 PM

So not far behind - us old guys need to stick together :)

edit:
Maybe we should start a older than 50 group here.. I am really curious how many of the regs are of a mature age ;) Lucky for us 60 is the new thirty ;) I sure and the F do not feel like mid 50's that is for damn sure..

Hass · Aug 23, 2019, 11:53 PM

Thank you all,

@johnpoz for reference this is the link I was referring to:
https://forum.netgate.com/topic/98580/services-dns-resolver-add-host-override-with-multiple-ip-addresses/4

I found the rrset-roundrobin: yes and was worried it did more than what I wanted so didn't want to make the change on the product boxes.

But I have now and it's working a treat!

Thanks

Hass

KOM · Aug 24, 2019, 5:48 PM

@johnpoz

johnpoz · Aug 24, 2019, 11:22 PM

Wow that was back from 2016 ;) nice that still came in useful.. And now we have the new info with the round robin.. Glad it worked out for you and I could be of help..

Yup thats us old guys bitchin at the users from the balcony - heheeh ;)