Bug #3832: ns2.nceas.ucsb.edu slow to propagate changes - Infrastructure - DataONE Tasks

Bug #3832

ns2.nceas.ucsb.edu slow to propagate changes

Added by Dave Vieglais almost 11 years ago. Updated almost 11 years ago.

Status:

Closed

Priority:

High

Assignee:

Nick Outin

Category:

Support Operations

Target version:

Start date:

Due date:

% Done:

100%

Milestone:

None

Product Version:

Story Points:

Sprint:

Description

ns2.nceas.ucsb.edu is updating after 30-40 minutes which is far slower than the < 1 minute expected response time.

It seems likely that this is a configuration issue, and need to be addressed to make effective use of this backup DNS server.

Is there anything that can be done to ensure DNS changes propagate in a more timely manner?

History

#1 Updated by Nick Outin almost 11 years ago

Status changed from New to In Progress

I changed the following in db.dataone.org on NS1:

TTL from 86400 to 300
Refresh from 3600 to 60
Retry from 900 to 60

It looks like the Refresh setting is what controls NS2 updates, but TTL should help speed things up too. Retry was changed just to keep it in linke with Refresh.

Probably need to wait for the new settings to propagate before testing.

#2 Updated by Nick Outin almost 11 years ago

I think the NS1 to NS2 notifications were not working because of a missing allow-transfer settings. After updating and reloading Bind on NS1, NS2 is immediately updated.

#3 Updated by Nick Outin almost 11 years ago

I changed these setting back to their original now that change notifications appear to be working.

Nick Brand wrote:

I changed the following in db.dataone.org on NS1:

TTL from 86400 to 300
Refresh from 3600 to 60
Retry from 900 to 60

It looks like the Refresh setting is what controls NS2 updates, but TTL should help speed things up too. Retry was changed just to keep it in linke with Refresh.

Probably need to wait for the new settings to propagate before testing.

#4 Updated by Nick Outin almost 11 years ago

Status changed from In Progress to Closed
% Done changed from 0 to 100

Here's Fix #3, this one is tested and really fixes the problem.

The problem is that transfers from NS1 to NS2 were only updated in the internal view. Tests from an "internal" network (nceas, dataone) wil show the updates immediately, while testing from any other "external" network took a long time to update.

The fix was to add TSIG keys to the config files on both views on both servers. The details are here:
https://deepthought.isc.org/article/AA-00296/0/My-slave-server-for-both-an-internal-and-an-external-view-has-both-views-transferred-from-the-same-master-view-how-to-resolve-.html

I verified the problem from an external network, applied the changes, and verified that both views on NS2 are updated immediately.

Also available in: Atom PDF