[PROXYPER] proxies down or what?

Charles Clark cmc+dnet at ralf.org
Tue Mar 12 17:47:28 EST 2002


> From:     "Bruce Wilson" <bwilson at distributed.net>

> I believe the behavior is dependent on the OS and the DNS client
> caching implementation.  My Win32 perproxy selects different servers
> on each attempt, and my dnetc's do the same.

as do my perproxy and dnetc's on various forms of unix.

> Some OS's will expire their cache quickly.  Others will use the cache
> forever.  (Hmm, maybe if you updated less often, the cache would
> expire and it would pick another via round-robin?)

Any OS that does not expire the cache in accordance with the TTLs
returned with the dns lookup is broken. However, it may not be
the case that os2 is broken in this way; it is specified in the
RFCs about dns that the lookup routines used may re-order the
results of a query which returns multiple answers by any method
they choose. Even if the actual dns server is randomly ordering
the answer, the lookup routine used to query the dns server may
always order them the same. For instance it could decide to put
results which match some level of mask (say the first 8, 16, 24,
or whatever number of bits in the current netmask) of the results
compared to the machine's own address at the top, hoping to give
"closer" addresses preference.

If you really want a network client to pseudo-randomly choose a
machine to connect to from a lookup which returns multiple
values, you need to implement the randomization in the client; it
is perfectly valid and you need to assume it will happen that
some systems will always return the list in the same order.

I know nothing about os2, but it may be possible to change the
behavior of the IP lookup routines into something random, and/or
to affect the flushing of the cache more frequently.

For instance, on most unix systems the order of values returned
by gethostbyname is the order returned by the server, and the
most common unix dns servers "rotate" the order of the answers
when there are multiple answers, but the sort order of
gethostbyname can be de-randomized in the config file
/etc/resolv.conf.

On Solaris systems, dns names are locally cached by nscd and dns
ttls are not respected, which is a violation of dns RFCs. The
length of time they are cached by nscd can be controlled in its
config file, and better yet you can configure nscd to not cache
at all for dns (technically "hosts" in its config file).

Hopefully os2 is similarly configurable. Maybe not.

-- 
Charles Clark | cmc at ralf.org | Salivo, ergo sum.
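
The client-side randomization described in the message above, as an added example that is not part of the original post and not dnetc or perproxy code. The function names and the fixed-order stand-in resolver are hypothetical, the addresses are constructed, and `rand()` is assumed to be good enough because the goal is spreading load, not unpredictability.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <arpa/inet.h>
#define NADDR 4

/* Unbiased index in [0, n): rejection sampling avoids modulo bias. */
static size_t rand_below(size_t n) {
    unsigned long r, limit = ((unsigned long)RAND_MAX + 1UL) / n * n;
    do { r = (unsigned long)rand(); } while (r >= limit);
    return (size_t)(r % n);
}

/* Fisher-Yates shuffle in place; whatever order the resolver chose is discarded. */
void shuffle_addrs(struct in_addr *addrs, size_t n) {
    for (size_t i = n; i > 1; i--) {
        size_t j = rand_below(i);
        struct in_addr tmp = addrs[i - 1];
        addrs[i - 1] = addrs[j];
        addrs[j] = tmp;
    }
}

/* Constructed stand-in for a resolver that always returns the same order (192.0.2.0/24 is a documentation range). */
void fixed_order_lookup(struct in_addr *out) {
    static const char *answers[NADDR] = { "192.0.2.10", "192.0.2.20", "192.0.2.30", "192.0.2.40" };
    for (size_t i = 0; i < NADDR; i++) inet_pton(AF_INET, answers[i], &out[i]);
}

/* Count how often each server ends up first across `trials` lookups. */
void first_choice_histogram(unsigned trials, unsigned counts[NADDR]) {
    struct in_addr addrs[NADDR], ref[NADDR];
    fixed_order_lookup(ref);
    memset(counts, 0, NADDR * sizeof counts[0]);
    for (unsigned t = 0; t < trials; t++) {
        fixed_order_lookup(addrs);        /* same order every time */
        shuffle_addrs(addrs, NADDR);      /* client imposes its own order */
        for (size_t k = 0; k < NADDR; k++)
            if (addrs[0].s_addr == ref[k].s_addr) counts[k]++;
    }
}

int main(void) {
    unsigned counts[NADDR];
    srand((unsigned)time(NULL));  /* seed once per process, not per lookup */
    first_choice_histogram(4000, counts);
    for (int k = 0; k < NADDR; k++) printf("server %d first: %u\n", k, counts[k]);
    return 0;
}
```

A real client would walk the shuffled list in order and fall through to the next address when a connection attempt fails.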