HOWTO - Configure Load Balancing

This HOWTO assumes you want the DNS server to respond with different addresses in order to provide a simple load balancing solution. You have a choice of solutions based on what you want to do:

Balancing Mail
Balancing Other Services
Balancing Services
Controlling the Round Robin
Effectiveness of DNS Load Balancing

Balancing Mail

The normal method of handling mail fail-over is using the 'preference' value which is described in this note. However, using the MX record you can balance mail in two ways.

Define multiple MX records with the same priority e.g.
```
; zone file fragment
      IN  MX  10  mail.example.com.
      IN  MX  10  mail1.example.com.
      IN  MX  10  mail2.example.com.
....
mail  IN  A       192.168.0.4
mail1 IN  A       192.168.0.5
mail2 IN  A       192.168.0.6
```
The name server will deliver the MX records in the order defined by the rrset-order and the receiving SMTP software will select one based on its algorithm. In some cases the SMTP alogithm may work against the definition of the rrset-order statement. Current versions of sendmail (8.13.x), Exim (4.44) and Postfix (2.1 or 2.2) all have definitive references to indicate they randomly select equal preference servers (Postfix allows control of the behaviour with the smtp_randomize_addresses parameter) and consequentially may use an address which the rrset-order has carefully tried to change! qmail, courier-mta and Microsoft (Exchange and IIS SMTP) documentation does not appear to have definitive references to indicate how they handle this case.
The alternate approach is to define multiple A records with the same name and multiple IP addresses.
```
; zone file fragment
        IN  MX  10  mail.example.com.
....
mail    IN  A       192.168.0.4
        IN  A       192.168.0.5
        IN  A       192.168.0.6
```
In this case the load-balancing effect is under the control of BIND and the rrset-order record. In order to avoid problems if the receiving mail system does reverse look-up as a spam check then the PTR records for 192.168.0.4, 192.168.0.5, 192.168.0.6 above must all define to mail.example.com.

In all the above cases each mail server must be capable of handling and synchronising the load for all the mail boxes served by the domain, using some appropriate back-end to do this or by defining all but one server to be a relay or forwarder.

Balancing Other Services

Assuming you want to load share your ftp or web services then you simply define multiple A records with the same name and different IPs as in the example below.

; zone file fragment

ftp   IN  A   192.168.0.4
ftp   IN  A   192.168.0.5
ftp   IN  A   192.168.0.6
www   IN  A   192.168.0.7
www   IN  A   192.168.0.8

; or use this format which gives exactly the same result
ftp   IN  A   192.168.0.4
      IN  A   192.168.0.5
      IN  A   192.168.0.6
www   IN  A   192.168.0.7
      IN  A   192.168.0.8

The DNS will deliver all the IP addresses defined, the first IP address in the list will be in a default round robin (controlled by the rrset-order 'named.conf' statement). The FTP and WEB servers must all be exact replicas of each other in this scenario.

Balancing Services

The SRV record provides the kind of fine control that you are probably looking for to balance load with a fine level of granularity as well as provide some level of fail-over. It provides both priority and weight fields for this purpose. The SRV record description contains an example illustrating this kind of flexibility.

Controlling the order of RRs

You can control the order of RR that BIND supplies in response to queries by use of a rrset-order statement which works for any set of equal records (an RRset). The default behaviour is defined to be random-cyclic - a random selection of the initial order thereafter cyclic (round-robin). Experimentation with BIND 9.3.0 showed that the default is simply cyclic - though this could have been an artifact of a relatively small number of IP addresses.

Effectiveness of DNS Load Balancing

The previous sections have addressed some of the techniques that may be used to balance load using DNS functionality. However, the real question is, how effective can the DNS be in providing this balancing?

The effects of caching will distort the effectiveness of any IP address allocation algorithm unless a 0 TTL is used - which has the effect of significantly increasing the load on the DNS and is not always implemented consistently. Even if a 0 TTL worked consistently the cure may be worse than the disease. Good news we have great load balancing on our web servers. Bad news we need 17 more DNS servers!

Intuitively, and without running any experiments to verify, we would suggest that given a normal TTL (12 hours or more) and ANY IP allocation algorithm other than a single static list, loads should be reasonably balanced (measured by request arrivals at all the destination IP in the RRset) given the following assumptions:

Traffic is balanced over a number of DNS caches, that is, traffic originates from a number of ISPs or customer DNS cache locations. Specifically, there are no PATHOLOGICAL patterns where 90% (or some large'ish number) of the load originates from a particular cache/service.
Traffic volume is reasonably high (perhaps > 10,000 accesses per week) - since PATHOLOGICAL patterns are more likely in small traffic volumes.

What DNS load balancing cannot do is to account for service loading, for instance, certain transactions may generate very high CPU or resource loads. For this type of control only a local load balancer - one which measures service response times - will be effective.

Finally on this topic, if you still consider that a DNS solution will do the trick if only you could perfectly control the order of IP address generation, then you could use BIND 9's SDB API to achieve the result (or one of the available libraries).

Problems, comments, suggestions, corrections (including broken links) or something to add? Please take the time from a busy life to 'mail us' (at top of screen), the webmaster (below) or info-support at zytrax. You will have a warm inner glow for the rest of the day.