Interesting A10 GSLB interop problem
Jack Bates
jbates at brightok.net
Wed Oct 26 18:27:49 CEST 2011
On 10/26/2011 2:03 AM, George Bonser wrote:
> That would be acceptable, too, but adding the A record in the
> additional might result in saving a lookup later. The point is that if
> a service doesn't have an IPv6 address, the GSLB unit shouldn't return
> the fallback CNAME as CNAMEs are common to both IPv4 and IPv6. It
> should only return the fallback CNAME if the resource has a V6 address
> but is down. If it doesn't have a v6 IP it can't be "broken", it
> simply needs to be redirected to the v4 IP.
Is there not a command to tell it that there isn't any IPv6? (ie,
disable IPv6 support for this zone)
This is the problem with using CNAME. Even if you were using IPv6, using
CNAME means that if IPv4 or IPv6 breaks, both will be sent to the
backup. This could be problematic in a situation where primary IPv4 is
good, backup IPv4 is bad, primary IPv6 is bad, backup IPv6 is good. By
using CNAME, you are fate sharing the protocols.
Don't get me wrong, there are GSLB situations where CNAME is great,
primarily in geolocation functions. In failover situations, it's
horrible. A/AAAA record replacement would be the ideal mechanism. So
ideally, you'd have CNAME geolocation, and then A/AAAA determination of
the new domain based on service availability for each protocol
independently. I'm disappointed A10 didn't adopt the approach (perhaps
because IPv6 was just hacked in without reconsideration of the entire
solution when utilizing a multi-protocol environment).
Jack
More information about the ipv6-ops
mailing list