kam_uk
asked on
Load balancing DCs?
Hi Everyone
We have about 5 DCs in our main site. There are a plethora of applications that need a DC hardcoded into their code for either LDAP queries or authentication.
At the moment, they are all pointing to DC1.
Obviously, if DC1 goes down, then we are in trouble.
I would like to look into load balancing across all 5 DCs. I guess I could create a DNS CNAME (ldap.kam.uk) that points to all the DCs, but if one of the DCs is down, this won't help much. Does anyone have any ideas how I can implement some redundancy?
The CNAME option will work, I would just put a very low TTL on them so that if one goes down or you have to take it offline for maintenance, the client will kick over to the next DC.
ASKER
Hi
Sorry, when I said load balance authentication, I wasn't referring to users authenticating, more the applications authenticating where they had a hard coded DC. They are unable to use SRV records.
ISWSIMBX - good idea about the TTL. What would you recommend? Also, wouldn't this generate more DNS traffic though?
Thanks!
ASKER
Thanks..
Just one final query...
Let's say I list a DC in the UK, Spain and Russia in this ldap.kam.uk record.
If an application in Russia attempts to connect to ldap.kam.uk, will it contact the Russia DC, or is the proximity of the DC completely irrelevant in this DNS example?
Generally irrelevant. However, NetMask Ordering will attempt to give you an answer within the same subnet as the client if it can. Otherwise it uses standard Round Robin rotation.
I believe NetMask ordering matches on 24-bit subnets by default.
Chris
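The ordering described in the answer above can be modelled offline. This is an added example, not part of the original thread and not the DNS server's own code; the addresses, site labels and function names are made up for illustration, and the subnet width is a parameter set to the 24 bits mentioned above.

```python
import ipaddress

# Constructed sample data: three A records behind one name such as ldap.kam.uk.
# Addresses and site labels are hypothetical.
LDAP_RECORDS = {
    "10.1.1.10": "UK DC",
    "10.2.1.10": "Spain DC",
    "10.3.1.10": "Russia DC",
}


def order_answers(client_ip, records, mask_bits=24, rotation=0):
    """Model the order in which the A records are returned to one client.

    Round robin is modelled by rotating the list `rotation` places.
    Records inside the client's own subnet (client_ip/mask_bits) are then
    moved to the front; if none match, the round-robin order is unchanged.
    """
    records = list(records)
    if not records:
        return []
    shift = rotation % len(records)
    rotated = records[shift:] + records[:shift]
    client_net = ipaddress.ip_network(f"{client_ip}/{mask_bits}", strict=False)
    local = [r for r in rotated if ipaddress.ip_address(r) in client_net]
    remote = [r for r in rotated if ipaddress.ip_address(r) not in client_net]
    return local + remote


def first_choice(client_ip, rotation=0, mask_bits=24):
    """Address an application would try first if it uses the first answer."""
    return order_answers(client_ip, LDAP_RECORDS, mask_bits, rotation)[0]


if __name__ == "__main__":
    # 10.3.1.50 shares a /24 with the Russia DC; 10.3.7.50 is in the same
    # site but a different /24, so it only gets plain round robin.
    for client in ("10.3.1.50", "10.3.7.50"):
        for rot in range(3):
            ip = first_choice(client, rot)
            print(f"client {client} query {rot}: {ip} ({LDAP_RECORDS[ip]})")
```

A client on the DC's own /24 always gets the local DC first, while a client elsewhere in the same site is rotated across all three countries, which is why proximity is "generally irrelevant" for this record.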