Tuesday, October 26, 2004

New DNS functionality in patch 9.

This firmware update adds external mappings. For example, if there are two xroads units, one up and one in failover, each has external mappings to the other for round-robin DNS setups. Example: ns1 and ns2 point to one box, and ns3 points to another. If the first box is up and the second is in failover, a client that tries to browse to xyz.com and gets ns3 would go to the failover box. With the external mapping feature, the client is instead redirected to the box that is up and running, box one.

Thursday, October 14, 2004

Customer Questions:

Since we are doing our load-balancing via DNS servers, what happens when DNS is cached across the Internet?

Yes, the Internet (i.e. DNS servers on the Internet) does cache DNS information.

To be more specific, the Edge router provides each server address to the various DNS servers and clients that request them. Each time a request is made, the addresses are provided in a different order, and each DNS request times out within five minutes. Therefore, there is a constant change in which WAN interface is used for inbound traffic, and thus the bandwidth on each interface is "load-balanced". Additionally, various administrative parameters can be changed to adjust how the load-balancing is affected.

Customer Questions:

- If you have to set the expire time for DNS to 300 sec instead of whatever the standard is (ours is 604800), doesn't this mean we are going to generate even more network traffic than we already have?

1) Yes, you are correct that additional DNS queries will be made; however, the average DNS request is tiny (less than 0.5 Kbytes), and this is smaller than just about any other type of traffic. Other redundancy solutions, like BGP or OSPF, use much larger packets than our dynamic DNS solution.

- What happens when requests are initially sent to ns2 first instead of ns1 while the T1 line hasn't hit the threshold? Will the requests be rerouted back to ns1? If so, won't this add extra time to the overall process?

2) There is no additional processing time required based on the WAN link the request came in on. Both ns1 and ns2 on the Edge device respond dynamically. They are not tied to either WAN interface. So if a request came in on WAN1, it could provide WAN2's IP information if that is how the vector routing engine has determined its response.
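The trade-off between the 300-second and 604800-second expire times discussed above can be made concrete with a small model. This is an added example, not XRoads code: the `Authoritative` class, the `simulate` function, the documentation-range addresses, and the assumption that clients always use the first address in a cached answer are all constructed for illustration.

```python
WAN1, WAN2 = "198.51.100.1", "203.0.113.1"  # constructed, documentation ranges


class Authoritative:
    """Stand-in for the Edge unit's DNS: rotates order, omits down links."""

    def __init__(self, links):
        self.links = list(links)
        self.down = set()
        self.queries = 0

    def answer(self):
        self.queries += 1
        live = [a for a in self.links if a not in self.down]
        shift = (self.queries - 1) % len(live)  # different order per request
        return live[shift:] + live[:shift]


def simulate(ttl, duration=3600, fail_at=700, lookup_every=10):
    """One caching resolver serving a client lookup every `lookup_every` s.

    WAN1 fails at `fail_at`. Returns (queries reaching the authoritative
    server, client lookups answered with the dead WAN1 address first).
    """
    auth = Authoritative([WAN1, WAN2])
    cached, expires, dead_hits = None, 0, 0
    for t in range(0, duration, lookup_every):
        if t >= fail_at:
            auth.down.add(WAN1)
        if cached is None or t >= expires:  # cache miss: ask upstream
            cached, expires = auth.answer(), t + ttl
        if cached[0] in auth.down:  # assumption: client uses first address
            dead_hits += 1
    return auth.queries, dead_hits


if __name__ == "__main__":
    for ttl in (300, 604800):
        q, dead = simulate(ttl)
        print(f"ttl={ttl}: upstream queries={q}, lookups sent to dead link={dead}")
```

In this model the short expire time costs 12 upstream queries per hour instead of 1, but the resolver stops handing out the failed link at the next expiry rather than for the remainder of the hour.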