named.conf: query-source address

Charles Sprickman spork at bway.net
Thu Jul 17 05:22:53 UTC 2008 

On Wed, 16 Jul 2008, Chuck Swiger wrote:

> On Jul 16, 2008, at 8:51 PM, Eugene Grosbein wrote:
>> On Wed, Jul 16, 2008 at 06:34:38PM +0100, Matthew Seaman wrote:
>>> The 'query-source' options don't have to be specified: the system
>>> will just choose some appropriate address according to the state of
>>> the routing table.  'query-source' to set the source /IP/ is really
>>> only useful in some specific server configurations with several alias
>>> addresses any of which could be used.  That's pretty rare really.
>> 
>> Isn't this common to have multiple aliases at an interface?
>> Sometimes only one of them should be used for all DNS traffic.
>
> About the only common reason to set up multiple aliases on an interface is 
> when you're doing something like hosting multiple SSL webservers on a single 
> box which actually need to have distinct IPs as a consequence.  Other than 
> that, using public IPs for aliases is usually wasteful of IP address space.

I think another common reason is portability of services.  When I setup a 
box, it gets an IP that sticks with that piece of hardware.  Each distinct 
service that I pile onto it then gets it's own IP.  This has at least two 
major advantages that I've found:

-If the box dies, it's easy to move any of the services to another box 
without waiting for DNS changes to propogate.

-If one of the services outgrows the box, it's a simple matter to move 
that service elsewhere, again without playing with DNS.

I also will sometimes move services away for a major upgrade of the box. 
All of this becomes simple when you just bring an alias down on one box 
and up on another.

Next step, putting each service in a jail and moving the jail when needed.

> YMMV...

On the internets, it always does. :)

Charles

> Regards,
> -- 
> -Chuck
>
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"

More information about the freebsd-stable mailing list