On Wed, 5 Apr 2006, marcelo bagnulo braun wrote:
>>> i agree that the expressed policy has to be quite stable, i mean,
>>> the cache will introduce certain inertia, and changing the
>>> preferences may take some time, but at least you can express some
>>> preferences about which addresses the site prefers for incoming
>>> communications...
>>
>> The problem is that DNS caches in the middle will cache both IP_1
>> and IP_2, but lose the "preference" which is conveyed by the
>> weighted address ordering, because from the DNS cache perspective
>> IP_1 and IP_2 are equivalent.
>
> but my assumption is that the remote resolver will also query for the
> SRV record as local hosts do, so the SRV information will be
> retrieved also (perhaps from the caches, but this is no problem if it
> is not very dynamic)
>
> wouldn't this work?

Indeed, it would work fine if SRV lookups would be done by remote
resolvers.

I was thinking one step ahead, the scenarios where the remote
resolvers don't have SRV lookup support. Authoritative DNS servers at
a local site could do the policy adjustment by weighing the responses,
but it wouldn't really work due to caching (and to a smaller degree,
resolver's reordering of addresses).

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
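
An added illustration of the caching point discussed in this thread, not part of the original messages: a small simulation comparing a preference expressed by weighted A-record ordering with one carried as SRV weights, when a cache sits between the site and the remote clients. The addresses, the 90/10 policy, the round-robin cache behaviour and the simplified SRV selection (one priority, targets standing in directly for addresses) are all assumptions made for the example.

```python
import random
from collections import deque

# Constructed sample data: documentation-range addresses stand in for IP_1 / IP_2.
IP_1, IP_2 = "192.0.2.1", "198.51.100.1"
WEIGHTS = {IP_1: 90, IP_2: 10}          # assumed site policy: prefer IP_1 90% of the time

def weighted_pick(rng, weights):
    names = list(weights)
    return rng.choices(names, weights=[weights[n] for n in names])[0]

def authoritative_a(rng):
    """Authoritative server: express the policy by which address is listed first."""
    first = weighted_pick(rng, WEIGHTS)
    return [first] + [a for a in WEIGHTS if a != first]

class RoundRobinCache:
    """Assumed cache behaviour: fetch the RRset once, then rotate it per client."""
    def __init__(self, fetch):
        self.fetch, self.rrset = fetch, None
    def query(self):
        if self.rrset is None:
            self.rrset = deque(self.fetch())   # one upstream query per TTL
        else:
            self.rrset.rotate(-1)              # order carries no meaning to the cache
        return list(self.rrset)

def share_of_ip1(n, via_cache, seed=1):
    """Fraction of n clients whose first-listed address is IP_1 (A-record ordering)."""
    rng = random.Random(seed)
    fetch = lambda: authoritative_a(rng)
    source = RoundRobinCache(fetch).query if via_cache else fetch
    return sum(source()[0] == IP_1 for _ in range(n)) / n

def share_of_ip1_srv(n, seed=1):
    """Same clients, but the weights travel as SRV RDATA, which a cache returns intact."""
    rng = random.Random(seed)
    # Constructed SRV RRset: (target, weight) pairs; targets map 1:1 to the addresses.
    cached_srv = RoundRobinCache(lambda: [(IP_1, 90), (IP_2, 10)])
    hits = 0
    for _ in range(n):
        rrset = dict(cached_srv.query())       # record order may change, weights do not
        hits += weighted_pick(rng, rrset) == IP_1
    return hits / n

if __name__ == "__main__":
    print("A ordering, direct :", share_of_ip1(1000, via_cache=False))
    print("A ordering, cached :", share_of_ip1(1000, via_cache=True))
    print("SRV weights, cached:", share_of_ip1_srv(1000))
```

Through the cache the A-record ordering flattens to an even split, while the SRV weights still reach clients that perform the SRV lookup.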