A more secure way to distribute users over the irc net ?

kuato · Post by **kuato** » Sun Jun 12, 2005 10:19 pm

Hi folks greetings from Argentina, as a novice user i got many questions to ask but in this time i will ask just one: Is there any way to distribute the users over my irc net without the need of a random domain ? making public only one ip ? for example getting a hub to act like a collector where all the users log in and then redirect them to other servers ? . remember that i am a novice user ! dont get mad on me if this is an impossible

Jason · Post by **Jason** » Mon Jun 13, 2005 1:32 am

It is impossible for load balancing for the connection. You could use a round-robin proxy, but then all users would have to go through that computer's connection and would all appear to the ircd to have the same ip, making g/klines impossible.

The only way to really do what you want is to have a domain name whose DNS entry has multiple A records, but then the other IPs would be visible. Sorry.

aquanight · Post by **aquanight** » Tue Jun 14, 2005 3:05 am

DALnet does this. I hate it enormously. Mainly because I can never connect via the "pool." But you can probably ask them how they did it.

w00t · Post by **w00t** » Tue Jun 14, 2005 3:41 am

Their system sucks, yes. olene had an interesting idea on this topic, but it'd require extensions to the servers. See: http://olene.net/rofl/prm.txt

Of course, such a system would really only work for the larger networks or a network with resources to burn

.

TNLTRPB · Post by **TNLTRPB** » Mon Jun 27, 2005 8:10 am

Well, on my network I use a "round robin" type of DNS. With zoneedit, all I do is just set up new A entries with the same name but different IPs to direct to.

I.E. Say server1 has IP 1.2.3.4 and server2 has IP 5.6.7.8

Here's how my address entries would look:

irc.mynet.com -> 1.2.3.4
irc.mynet.com -> 5.6.7.8

The DNS servers are in charge of splitting the load between the different servers, and it works flawlessly for me. The only disadvantage to this would be if a server went down for an extended period of time, the DNS wouldn't realize this, and users would get "Connection Timed Out" messages while DNS was forwarding to that particular IP address.

Winbots · Post by **Winbots** » Tue Jun 28, 2005 4:28 am

TNLTRPB wrote:Well, on my network I use a "round robin" type of DNS. With zoneedit, all I do is just set up new A entries with the same name but different IPs to direct to.

I.E. Say server1 has IP 1.2.3.4 and server2 has IP 5.6.7.8

Here's how my address entries would look:

irc.mynet.com -> 1.2.3.4
irc.mynet.com -> 5.6.7.8

The DNS servers are in charge of splitting the load between the different servers, and it works flawlessly for me. The only disadvantage to this would be if a server went down for an extended period of time, the DNS wouldn't realize this, and users would get "Connection Timed Out" messages while DNS was forwarding to that particular IP address.

yes that is the most common, but it is easy to get a list of all ips listed for a domain, http://dnsstuff.com/

kuato · Post by **kuato** » Fri Jul 01, 2005 2:30 am

Yeap , the most common way is to create a random domain but it isnt secure enough, any alternative to that ?

Matridom · Post by **Matridom** » Fri Jul 01, 2005 3:11 am

kuato wrote:Yeap , the most common way is to create a random domain but it isnt secure enough, any alternative to that ?

secure? you don't want it to be secure, people NEED to know the IP address in order to connect

if people are connecting, they will be able to get the IP address, regardless of how you route the info, share the load, unless you use proxies.

connect to a server, run netstat and presto, there are the IP's of all connections