jdev - 2019-11-22

I have a question about DNS SRV setup for xmpp server for a cluster of XMPP servers. Anyone able to help?

dandan, ask your question, if someone can answer they’ll do so.

They can’t if you don’t ask.

Sure, Thanks.

The question is that I have a cluster of 2 nodes (very simple) deployed on AWS.

I have setup DNS SRV records correctly (hopefully) for all servers.

Now the question is that in case I do not use a load balancer for my servers, to what address should my clients connect to?

For instance if my configuration is as below: 0 5 5223 server1.mydomain.com 0 5 5223 server2.mydomain.com for _xmpps-client._tcp.mydomain.com then to what address should my clients connect?

should they connect to server1.mydomain.com or server2.mydomain.com?

yes

they should pick one of them with about 50/50 chance

Yes but that would be up to the client then and different from what load balancer is.

yes

As far as I have understood, these records are supposed to do the work of load balancer.

but what you pasted amounts to 50/50 load balancing

dandan, without any software required in front of your server.

What do you mean Link Mauve?

Ah sure. Yes. I mean no load balancing will be needed in that case. But how the client should decide what server to choose? The client has no idea about the load.

dandan: if you want more control then use a load balancer

dandan, it will pick one at random, throw a coin, and go for that one.

The client literally flips a coin

flip*, that’s the word.

Thanks. ^^

Ok then. I see.

but if it for whatever reason can't establish a connection to the chosen one it should try the other

I see. Well is it really realiable? I mean a NLB seems to be a better solution, or?

No idea what "NLB" is

Network Load Balancer

It's up to you

more moving parts etc

If this is totally random by the client side, so why the wight is decided on the server side in DNS record?

dandan: refer to the algorithm here https://tools.ietf.org/html/rfc2782

I mean 50%, 30%, etc.

dandan: that's what the second number is

dandan, because the administrator might have provisioned different size of servers.

So they prefer clients to flip a four-faced coin and go 25% of the time to one physical server, 75% of the time to another one.

Or any other possible combinaison.

dandan: in your example you have 5 and 5 as weight. so each entry should have a 5/10 = 50% chance of being selected first

Yes I know. This is an example.

OK. Then so if I have 4 servers of shared load of 50%, 30% and 20% then I should flip a dice of 3 sides with respective probabilities?

if you set up SRV records like that, yes

OK thanks. One more question if you don't mind.

Is it OK not to set DNS SRV records and just go for load balancer?

of course

altho for xmpps you do need them

I am asking because for instance Openfire will complain when DNS SRV records are not set.

For normal _xmpp-client record (non-xmpps), you need either a SRV record or a A record, if the user will only ever connect to a single server (or load-balancer).

Openfire will warn, but will operate fine.

You can set both but the end result will be identical.

Yes I have observed that it work as it should but I was wondering if this is recommended to set DNS SRV records or not.

Yes sure. The result will be identical as you said.

You only need a SRV record if you plan to use xmpps (XEP-0368), or if you want to use the inherent “load” balancing SRV provides with multiple records.

or if you want to run a cluster

I run a cluster.

or if you run on a server for which the host name doesn't match the XMPP domain name

or if you wanna use a non-standard port or point at a different machine/A record

and want it to be scalable.

(what Guus said)

generally, DNS SRV records are good.

Openfire should give you concrete examples of DNS SRV records suitable for your instance.

dandan: If I were you I'd worry about using a separate load balancer later if it turns out you need one

but a general grasp of the concept is good to have, so that you can make informed decisions.

Yes I know. But I mean if I use a load balancer then I don't need to set DNS SRV records that are recommended by Openfire.

It's easy to change DNS

dandan: what's the point of a cluster if you put a single point of failure load balancer in front?

(capacity, probably)

Well, I might be wrong, but by having a cluster I will be able to have fail-over config and scale the system.

dandan, it won't fail over a failing loadbalancer.

He said AWS, isn't it cheaper to run 1 big server vs 2 small?

The load balancer in AWS AFAIK is not a single point failure system since the load balancer itself will be scaled. I might be wrong though.

Oh, I dropped in half way through the conversation - I missed that.

Fail-over is also definitely possible with SRV records, if the coin flipped by the client leads it to a dead end^Wserver, it will fallback to the other one(s).

but yeah, DNS SRV records are less complex by an order of magnitude

that's generally good.

a lot cheaper too, presumably

you can have 1 5 5222 first-choice.example.com 2 5 5222 second-choice.example.com etc

dandan: are you running them both in the same AWS datacenter too?

Yes Zash?

Then choose randomly between them?

Yes mopasisthebest.

dandan: so single point of failure again

dandan: no, they get tried in order of the priority (first number)

Whole AWS datacenters fail often

dandan i suggest you read up on DNS SRV. They're pretty versatile, and easy to work with. You can always invest in load balancers if you feel that DNS SRV doesn't suit your needs.

Thanks Guus.

wikipedia comes with a handy example

Ok, I'm off to bed

Zash the question is that how the client will know that for instance the first server is loaded and chose the second one?

dandan: it doesn't

dandan: it sorts the records by priority and if there are multiple with the same priority it'll shuffle them and pick by weight. if the connection fails it removes that one and tries the whole thing again (roughly)

the RFC moparisthebest linked explains how it works, I recommend you read it

and as I said, if you need more control then use a load balancer

But you probably don't, and regardless don't run all your services in the same DC if you are after reliability

Yes you are right.

I will read the link that moparisthebest sent.

load balancing and high availability at the same time is non-trivial. most xmpp clustering solutions are focused on load balancing afaik

Definitely need to read more about it.

Zash you mean that the clients have knowledge about all servers that a DNS SRV record has been assigned to it?

I don't understand the question

Like your example, a client will also have the list of all serves you listed?

client would query for the SRV records, receive a list

first-choice, second-choice ?

?

If you query for _xmpp-client._tcp.example.com you get an aswer with all the SRV records there

Aha ok. That is what I wanted to know. Is there any special command for querying in XMPP client libraries like Smack for instance or this should be done in other ways?

then it follows the sorting algorithm and tries to connect until it gets a connection or runs out of options

I know nothing of Smack, can't help you with that.

OK. Thanks a lot all of you for your kind help.

Smack does SRV lookup by default

It'll actually warn you if you're connecting to a domain that has no SRV records