ablog

Notes of a clumsy, restless engineer

Limits of the Amazon Provided DNS

Packet per Second (PPS) per Network Interface Limit

Each network interface in an Amazon VPC has a hard limit of 1024 packets that it can send to the Amazon Provided DNS server every second. Therefore, a computing resource on AWS that has a network interface attached to it and is sending traffic to the Amazon DNS resolver (for example, an Amazon EC2 instance or AWS Lambda function) falls under this hard-limit restriction. In this whitepaper, we refer to this limit as packet per second (PPS) per network interface. When you’re designing a scalable solution for name resolution, you need to consider this limit because failure to do so can result in queries to the Amazon DNS server to go unanswered if the limit is breached. This limit is a key factor that we’ll consider for the solutions proposed in this whitepaper.

(Amazon Web Services – Hybrid Cloud DNS Solutions for Amazon VPC)

https://d1.awsstatic.com/whitepapers/hybrid-cloud-dns-options-for-vpc.d47b2edf09d740c095679cf2dfbd52e9ebcb5c5e.pdf

Next, check the DNS behaviour with dig. The TTL of cluster1.cluster-ro-abcdefghijkl.ap-northeast-1.rds.amazonaws.com appears to be 1 second, and the CNAME target changes between the two lookups.

[ec2-user@ip-192-0-2-1 ~]$ dig cluster1.cluster-ro-abcdefghijkl.ap-northeast-1.rds.amazonaws.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.45.amzn1 <<>> cluster1.cluster-ro-abcdefghijkl.ap-northeast-1.rds.amazonaws.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56918
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;cluster1.cluster-ro-abcdefghijkl.ap-northeast-1.rds.amazonaws.com. IN A

;; ANSWER SECTION:
cluster1.cluster-ro-abcdefghijkl.ap-northeast-1.rds.amazonaws.com. 1 IN	CNAME aurora-c1.abcdefghijkl.ap-northeast-1.rds.amazonaws.com.
aurora-c1.abcdefghijkl.ap-northeast-1.rds.amazonaws.com. 5 IN A	172.31.29.133

;; Query time: 27 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Thu Sep  8 23:21:28 2016
;; MSG SIZE  rcvd: 136

[ec2-user@ip-192-0-2-1 ~]$ dig cluster1.cluster-ro-abcdefghijkl.ap-northeast-1.rds.amazonaws.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.45.amzn1 <<>> cluster1.cluster-ro-abcdefghijkl.ap-northeast-1.rds.amazonaws.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13573
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;cluster1.cluster-ro-abcdefghijkl.ap-northeast-1.rds.amazonaws.com. IN A

;; ANSWER SECTION:
cluster1.cluster-ro-abcdefghijkl.ap-northeast-1.rds.amazonaws.com. 1 IN	CNAME aurora-a2.abcdefghijkl.ap-northeast-1.rds.amazonaws.com.
aurora-a2.abcdefghijkl.ap-northeast-1.rds.amazonaws.com. 5 IN A	172.31.6.104

;; Query time: 27 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Thu Sep  8 23:21:31 2016
;; MSG SIZE  rcvd: 136

[New feature] Reader endpoint now available in Amazon Aurora | Developers.IO
Reader Endpoint

The Reader Endpoint is provided as a feature of AWS RDS and can be used without any special configuration.
It distributes load uniformly across all Read Replicas in the cluster; you cannot exclude a specific Read Replica from it.
It is implemented as a round robin that switches the CNAME at a short interval (every 1 second), so it is not actually a load balancer.

Load balancing Amazon RDS Read Replicas with NLB - Qiita
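The two facts above interact: the reader endpoint is a 1-second-TTL CNAME round robin, so clients that honour the TTL re-resolve it roughly once a second, and every one of those lookups is a packet counted against the 1024 PPS per-ENI limit to the Amazon DNS resolver. The following script is an added example (not code from this post, the AWS whitepaper, or the Qiita article): it parses dig ANSWER SECTIONs like the ones shown above to report the CNAME TTL and which replica addresses were handed out, and estimates the resolver packet rate an instance would generate from a given number of client threads, with and without a shared local cache. The sample dig excerpts are the two record sets from this post; the client counts, lookup rates and the `packets_per_lookup` parameter are assumptions chosen for illustration, and `resolver_load` is a hypothetical helper, not an AWS API.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Hard limit quoted from the AWS whitepaper: packets per second per network
# interface towards the Amazon Provided DNS resolver.
PPS_LIMIT_PER_ENI = 1024

# ANSWER SECTIONs from the two dig runs in this post (trimmed to the relevant
# lines). Whitespace between fields is normalised to spaces here.
DIG_OUTPUTS = [
    """;; ANSWER SECTION:
cluster1.cluster-ro-abcdefghijkl.ap-northeast-1.rds.amazonaws.com. 1 IN CNAME aurora-c1.abcdefghijkl.ap-northeast-1.rds.amazonaws.com.
aurora-c1.abcdefghijkl.ap-northeast-1.rds.amazonaws.com. 5 IN A 172.31.29.133

;; Query time: 27 msec
""",
    """;; ANSWER SECTION:
cluster1.cluster-ro-abcdefghijkl.ap-northeast-1.rds.amazonaws.com. 1 IN CNAME aurora-a2.abcdefghijkl.ap-northeast-1.rds.amazonaws.com.
aurora-a2.abcdefghijkl.ap-northeast-1.rds.amazonaws.com. 5 IN A 172.31.6.104

;; Query time: 27 msec
""",
]

# owner-name  TTL  IN  TYPE  RDATA  (dig separates fields with tabs or spaces)
RECORD_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<ttl>\d+)\s+IN\s+(?P<rtype>[A-Z]+)\s+(?P<rdata>\S+)\s*$"
)


@dataclass(frozen=True)
class Record:
    name: str
    ttl: int
    rtype: str
    rdata: str


def parse_dig_answers(text: str) -> List[Record]:
    """Return the resource records in dig's ANSWER SECTION, in order."""
    records: List[Record] = []
    in_answer = False
    for line in text.splitlines():
        if line.startswith(";; ANSWER SECTION:"):
            in_answer = True
            continue
        if not in_answer:
            continue
        if not line.strip() or line.startswith(";"):
            in_answer = False  # blank line or next ';;' header ends the section
            continue
        m = RECORD_RE.match(line)
        if m:
            records.append(Record(m["name"], int(m["ttl"]), m["rtype"], m["rdata"]))
    return records


def endpoint_summary(outputs: List[str]) -> Tuple[Optional[int], Dict[str, int]]:
    """Summarise repeated lookups of a reader endpoint.

    Returns the smallest CNAME TTL seen (how long a resolver may keep the replica
    it was handed) and how often each replica address appeared.
    """
    cname_ttl: Optional[int] = None
    targets: Counter = Counter()
    for out in outputs:
        for rec in parse_dig_answers(out):
            if rec.rtype == "CNAME":
                cname_ttl = rec.ttl if cname_ttl is None else min(cname_ttl, rec.ttl)
            elif rec.rtype == "A":
                targets[rec.rdata] += 1
    return cname_ttl, dict(targets)


def resolver_load(clients_on_eni: int, lookups_per_client_per_sec: float,
                  cache_ttl_sec: int, shared_cache: bool = False,
                  packets_per_lookup: int = 1,
                  pps_limit: int = PPS_LIMIT_PER_ENI) -> Tuple[float, bool]:
    """Estimate DNS packets per second one ENI sends to the Amazon resolver.

    Without any cache every lookup is a query. With a per-client cache each
    client sends at most one query per TTL window; with a host-wide shared cache
    (e.g. a local caching daemon) the whole ENI does. packets_per_lookup is 1 for
    a plain A query; getaddrinfo() with AF_UNSPEC typically sends A and AAAA,
    i.e. 2. Returns (estimated pps, True if the per-ENI limit is exceeded).
    """
    total_lookups = clients_on_eni * lookups_per_client_per_sec
    if cache_ttl_sec <= 0:
        lookups = total_lookups
    elif shared_cache:
        lookups = min(total_lookups, 1.0 / cache_ttl_sec)
    else:
        lookups = clients_on_eni * min(lookups_per_client_per_sec, 1.0 / cache_ttl_sec)
    pps = lookups * packets_per_lookup
    return pps, pps > pps_limit


if __name__ == "__main__":
    ttl, targets = endpoint_summary(DIG_OUTPUTS)
    print(f"CNAME TTL: {ttl}s, replicas seen: {targets}")
    for clients in (200, 2000):
        pps, over = resolver_load(clients, 10.0, ttl or 0)
        print(f"{clients} clients, per-client cache: ~{pps:.0f} pps, over limit: {over}")
    pps, over = resolver_load(2000, 10.0, ttl or 0, shared_cache=True)
    print(f"2000 clients, shared host cache: ~{pps:.0f} pps, over limit: {over}")
```

The takeaway the numbers make concrete: with a 1-second TTL, a fleet of per-process resolvers on one ENI (many worker processes, each with its own JVM or libc cache) approaches the 1024 PPS ceiling at roughly a thousand workers, and with no caching at all a few hundred busy workers are enough; a single host-wide cache collapses the resolver traffic to about one query per second regardless of the number of clients, which is why the whitepaper treats this limit as a design input rather than an afterthought.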