I have recently come across several related issues which I have tracked
down
to nginx and the way it handles DNS.
I run nginx as a proxy for several back end services. It works really
well,
except for 1 thing.
My proxy_pass refers to an upstream which points to a DNS entry.
That DNS entry is a CNAME with a TTL of 60 seconds.
Nginx doesn’t appear to be honoring that TTL. This has happened twice
now.
My upstream DNS information has changed, pointing to a new IP address.
Instead of recovering withing 1 minute (which would happen if TTLs were
being honored), I have had to restart nginx.
When I searched for it, I found that nginx doesn’t appear to honor TTLs,
at
all (Does Nginx honor DNS TTLs for proxy upstreams? - NGINX - Ruby-Forum).
What I’m hoping to find out, is why?
Why does nginx cache DNS entries, instead of referring to the operating
system? The OS has DNS handling built in. It respects TTLs, and it works
perfectly. Nginx, on the other hand, is effectively broken as a load
balancer, since upstreams might change IP addresses at any time (which
is
why we’re using DNS names, instead of IP addresses.
Thanks,
Noah
Noah,
Right, thanks for your observation. It really took a while, but we’re
actually about to fix this one shortly.
Thanks for the reply Andrew. Do you have any idea when it’s likely to be
generally available? This is a pretty big nuisance for us, and I’d like
to be able to figure out if I need to look at using a new reverse proxy,
at least for the time being.
–Noah
Noah,
This fix/improvement be introduced in 1.1.8 which will come out around
Nov 14.
Hope this helps
On Nov 3, 2011, at 1:50 PM, Andrew A. wrote:
Noah,
This fix/improvement be introduced in 1.1.8 which will come out around Nov 14.
Apologies, it didn’t get in either 1.1.8 (yesterday) or 1.1.10 (today).
It’s almost ready and would hopefully get into the next dev and stable
releases in a couple of weeks.
On Nov 15, 2011, at 1:50 PM, Andrew A. wrote:
On Nov 3, 2011, at 1:50 PM, Andrew A. wrote:
Noah,
This fix/improvement be introduced in 1.1.8 which will come out around Nov 14.
Apologies, it didn’t get in either 1.1.8 (yesterday) or 1.1.10 (today). It’s
almost ready and would hopefully get into the next dev and stable releases in a
couple of weeks.
Jfyi, it went committed today
http://mailman.nginx.org/pipermail/nginx-devel/2011-November/001466.html
http://nginx.org/en/docs/http/ngx_http_core_module.html#resolver
and will be included in 1.1.9.
Hello!
On Mon, Feb 06, 2012 at 03:03:14PM +0000, Jonathan M. wrote:
Jfyi, it went committed today
[nginx] svn commit: r4296 - trunk/src/core
Module ngx_http_core_module
and will be included in 1.1.9.
You mentioned it’d be in stable at some point.
I can’t find it in any subsequent 1.0.x announcement - could you
clarify the status of this feature in stable please?
It’s not in 1.0.x, and probably won’t be. The 1.1.x branch is
expected to become stable in near future.
Maxim D.
That’s great news. Thank you very much. I’ll be sure to get hold of it
as soon as 1.1.9 is released.
–Noah
On 16 November 2011 14:00, Andrew A. [email protected] wrote:
Jfyi, it went committed today
[nginx] svn commit: r4296 - trunk/src/core
Module ngx_http_core_module
and will be included in 1.1.9.
You mentioned it’d be in stable at some point.
I can’t find it in any subsequent 1.0.x announcement - could you
clarify the status of this feature in stable please?
Many thanks,
Jonathan
Jonathan M.
London, UK
http://www.jpluscplusm.com/contact.html