[Off topic] Re: DNS based routing - Solution. From the DNS resolution
Fri, 28 Dec 2001 16:04:58 -0500
After my last reply, I read your solution again. One problem I see with
this type of solution is that it could have problems in a large high traffic
environment. Many companies use NAT, so one host (IP Address) could be
requesting either host. What happens if UserA wants box A and UserB wants
box B? Both requests are made at approximately the same time?[unlikely
scenario] Also, what happens in an environment like mine where I have my
users NAT'd with a NAT Pool? It's possible that the DNS request could come
from a different IP address then the actual request. Also, what happens in
an environment where DNS is being cached or proxied? If the DNS was cached
somehow, the IP router would never get the message to direct his request to
the proper place. If the company was using a DNS proxy server, then the DNS
request could come from a different IP address then the actual connection.
just my 2cp. if you want plat sorry, gotta go farm some giants.
----- Original Message -----
From: "Brian Chu" <firstname.lastname@example.org>
Sent: Thursday, December 27, 2001 7:23 PM
Subject: Re: DNS based routing - Solution. From the DNS resolution
> No one mentioned a solution, and so I'll present this, since I had a
> to do something like that, but not only for port 80, but for transparent
> access to a whole separate box. Pondered for about 4 months, but then the
> solution came to me in during an April edition of Slashdot, earlier this
> year: AVES. It works, because this is set up in Carnegie Mellon, and
> there's service to people that have computers that are connected to their
> network, either locally, or through college-provided DSL.
> This requires that you have access to the DNS server, and not only the
> service, but the server so you can run a customized version of bind. (I
> actually haven't tested it because I can't not use a non-customized
> of bind with the zone files I have lying around) As the DNS request is
> done, before the DNS server sends back the data to the client/requester,
> sends a message to the IP router, which is also running another daemon, to
> tell that the next connection from this (the DNS client's) IP is to be
> routed/mapped to this (the specified computer whose DNS name was just
> requested) computer. And when your computer makes the connection to the
> answered IP (from the DNS server), the destination computer knows exactly
> what comp you wanted.
> Clean (unlike mine) explanation:
> Hope this helps.
> Brian Chu
> ----- Original Message -----
> From: "Jim Fleming" <email@example.com>
> To: "Jason Pappas" <firstname.lastname@example.org>; <email@example.com>
> Sent: Thursday, December 27, 2001 7:11 PM
> Subject: Re: DNS based routing
> > ----- Original Message -----
> > From: "Jason Pappas" <firstname.lastname@example.org>
> > > Frankly, you are right. I am assuming an A record. Then again, it
> > > matter. There reverse web proxy uses what was typed into the web
> browser as
> > > the URL. That's what is passed to it via the Server Name variable.
> > >
> > > Seriously though. IPv6 and later is not going to be mainstream
> > > soon.
> > >
> > IPv6 is everywhere and nowhere. It is now a catch-all term that has
> > little meaning. As an example, InfiniBand claims to use IPv6, but when
> > one looks close, they see it just "looks like IPv6", in their own words.
> > Windows XP has IPv6, yet the 2002 AAAA records result in IPv4
> > packets being generated. People call that IPv6, NetFilter will see IPv4.
> > Returning to my other comment, AAAA records can be used without
> > IPv6. The big win from AAAA records is now the 16-bit UDP and TCP
> > port number can be specified. That never fit in the 32-bit A records.
> > With 128-bits, there is also room for many more useful triggers to help
> > give the NetFilters some traffic. TOS is one example. IPv8 is the
> > of ways to use the AAAA records to augment IPv4 and leverage off
> > of flexible structures like NetFilter and NAT.
> > Jim Fleming
> > http://www.IPv8.info
> > IPv16....One Better !!