nanog mailing list archives

Re: Experience with Open Source load balancers?


From: Jimmy Hess <mysidia () gmail com>
Date: Tue, 17 May 2011 19:07:39 -0500

On Tue, May 17, 2011 at 6:23 PM, Mark Andrews <marka () isc org> wrote:
[snip]

> Better still would be for them to return AAAA records but until one
> is ready to do that the negative responses need to be correct.

Hm... better would be for load balancers to operate transparently at Layer 3 and
not tamper with the contents of answers from proper DNS servers.

Eating traffic based on application content, or turning NOERROR,
0 matches into NXDOMAIN is seriously f***'ed up.


I look forward to more domains having DS records published by TLDs w/
signed zones... and possibly browsers displaying warnings trying to
visit HTTPS domains without a signed zone.

Perhaps load balancers/middle box manufacturers will start to become a
little bit more honest in what they do with DNS traffic :)

--
-JH
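
The distinction drawn in this message (NOERROR with zero answers versus NXDOMAIN, and queries that are silently dropped) can be checked from the client side. The following is an added example, not part of the original message: it classifies responses by the header RCODE and ANCOUNT fields and flags a device that answers A queries but returns NXDOMAIN, or nothing at all, for AAAA on the same name. The sample packets, function names and `www.example.com` are constructed for illustration.

```python
import struct

QTYPE_A, QTYPE_AAAA = 1, 28

def build_response(qname, qtype, rcode, ancount=0):
    """Constructed sample: DNS header plus question section only.
    Answer records are omitted; the checks below read the header alone."""
    flags = 0x8000 | 0x0400 | (rcode & 0xF)      # QR=1, AA=1, RCODE
    header = struct.pack("!HHHHHH", 0x1234, flags, 1, ancount, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode() for p in qname.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def classify(msg):
    """Return ANSWER, NODATA, NXDOMAIN or RCODE<n> for one response."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _id, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if not flags & 0x8000:
        raise ValueError("not a response (QR bit clear)")
    rcode = flags & 0x000F
    if rcode == 3:
        return "NXDOMAIN"
    if rcode == 0:
        # NOERROR with zero answers means "name exists, no data of this type"
        return "ANSWER" if ancount else "NODATA"
    return "RCODE%d" % rcode

def check_negative_answers(a_resp, aaaa_resp):
    """Compare A and AAAA results for the same name.
    aaaa_resp is None when the AAAA query timed out."""
    if classify(a_resp) != "ANSWER":
        return "inconclusive"        # need a name known to exist
    if aaaa_resp is None:
        return "dropped"             # query eaten instead of answered
    kind = classify(aaaa_resp)
    if kind == "NXDOMAIN":
        return "broken"              # name exists, so NXDOMAIN is false
    return "ok" if kind in ("NODATA", "ANSWER") else "inconclusive"

if __name__ == "__main__":
    name = "www.example.com"
    a = build_response(name, QTYPE_A, rcode=0, ancount=1)
    for label, aaaa in [("correct", build_response(name, QTYPE_AAAA, 0)),
                        ("rewritten", build_response(name, QTYPE_AAAA, 3)),
                        ("timeout", None)]:
        print(label, "->", check_negative_answers(a, aaaa))
```
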

