RE: [load balancing] Verisign and Load Balancers

From: G. Jules Huang (jhuangIZZAThydraweb.com)
Date: Fri Feb 23 2001 - 21:47:14 EST

  • Next message: Nimesh Vakharia: "HydraGPS load balancing was RE: [load balancing] Verisign and Load Balancers"

    HydraWEB's new product HydraGPS avoids those DSN pitfalls you
    mentioned.

    It's currently in Beta Trial. For more information go to our
    web site: http://www.hydraweb.com/products/hydragps/index.html

    Jules

    -----Original Message-----
    From: owner-lb-lIZZATvegan.net [mailto:owner-lb-lIZZATvegan.net]On Behalf Of KJ
    & JC Salchow
    Sent: Wednesday, February 21, 2001 5:28 PM
    To: lb-lIZZATvegan.net
    Subject: Re: [load balancing] Verisign and Load Balancers

    Speaking of Microsoft (and I'll probably have to turn in my MCSE lapel pin
    after this), has anyone else been affected by the seemingly weird
    conventions used in IE 5.0 in relation to Load Balancing? Of course after
    all of the SSL talk - which from an LB standpoint came from the short TTL on
    the SSL ID cache implemented in IE 5.0 - I'm sure we have all been bitten,
    but I just found out something new that I'd like some ideas on.

    This is about Global Load Balancing - or load balancing between multiple
    sites (subnets?). I recently discovered that IE 5.0 (I haven't heard of
    this before hand) caches DNS entries for 30 minutes by default. The bad
    thing is that even if a site is down, it still hangs on to the address for -
    30 minutes. Many, if not all, of the global load balancing methods require
    that during the initial connect - a DNS reply with multiple IP addresses is
    supplied - that way if the primary is dead, the browser should use the
    secondary address. This is basic DNS.

    Microsoft's browser no longer does this. It takes one IP address and one
    only. Additionally, it will not ask again until the cache on the first one
    expires. I have recently seen a test case of this - Netscape worked
    perfectly.

    In addition, earlier today, while attempting to authenticate to a protected
    site - an IE browser prompted for my authentication, but after it was
    denied, would not prompt me again until I closed the browser and opened a
    new one.

    I am sure that all of these items can be corrected by changing settings in
    the browser (registry), but if these are the default settings, things are
    going to get ugly. Anyone else seen these things or have some global
    solution?

    Thanks

    Ken



    This archive was generated by hypermail 2b30 : Fri Feb 23 2001 - 22:47:21 EST