OT: DNS Failover
Leonard Isham
leonard.isham at gmail.com
Wed Aug 31 17:58:31 UTC 2005
On 8/31/05, Mike McGrath <mmcgrath at iesabroad.org> wrote:
>
>
> > -----Original Message-----
> > From: fedora-list-bounces at redhat.com
> > [mailto:fedora-list-bounces at redhat.com] On Behalf Of Thomas Cameron
> > Sent: Wednesday, August 31, 2005 12:11 PM
> > To: For users of Fedora Core releases
> > Subject: Re: OT: DNS Failover
> >
> > > If you are looking for failover of the looked-up addresses, in many
> > > cases you can always give out multiple addresses by including them as
> > > A records for the same name. Browsers seem to be very good at failing
> > > over on the client side if some of the returned addresses don't work.
> >
> > Have you had success at that? I've found that Windows
> > clients tend to cache DNS results no matter what your TTL is,
> > and to only use the first IP address they get until their
> > internal cache expires. You basically have to run ipconfig
> > /flushdns to make a Windows box dump the IP address and
> > re-query the DNS server.
> >
> > Thomas
> >
>
> It's good to know that this isn't as simple an answer as it seems it
> should be. I'll be testing the multiple A record possibility over the
> next week or two, and I'll post the results. From what I understand, having
> multiple A records can work on many occasions, but as far as DNS is
> concerned it wasn't designed to do that.
>
You could consider a HA/load balancer implementation at a highly
redundant third party data center to front-end the real IPs/sites like
Ultra Monkey http://www.ultramonkey.org/.
Might be able to use openvpn.net in a HA setup in the third party data
center and NAT to hide the real destination.
--
Leonard Isham, CISSP
Ostendo non ostento.
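
An added illustration, not part of the thread or any poster's code: the client-side behaviour that the multiple-A-record approach depends on, where the application walks every returned address in order instead of stopping at the first one. The function names and the two loopback ports standing in for a dead and a live A record are constructed for the example.

```python
import socket

def resolve_all(host, port):
    """Return every distinct IPv4 (ip, port) the resolver gives for host, in order."""
    infos = socket.getaddrinfo(host, port, socket.AF_INET, socket.SOCK_STREAM)
    seen, out = set(), []
    for *_, sockaddr in infos:
        if sockaddr not in seen:
            seen.add(sockaddr)
            out.append(sockaddr)
    return out

def connect_with_failover(addrs, timeout=2.0):
    """Try each (ip, port) in order; return (socket, address used, failures so far)."""
    failures = []
    for addr in addrs:
        try:
            sock = socket.create_connection(addr, timeout=timeout)
            return sock, addr, failures
        except OSError as exc:
            # Record why this address was skipped, then move to the next record.
            failures.append((addr, exc.__class__.__name__))
    raise ConnectionError(f"all {len(addrs)} addresses failed: {failures}")

def demo():
    """Constructed stand-in for two A records on loopback: one dead, one live."""
    live = socket.socket()
    live.bind(("127.0.0.1", 0))
    live.listen(1)
    dead = socket.socket()
    dead.bind(("127.0.0.1", 0))
    dead_addr = dead.getsockname()
    dead.close()  # nothing listens on this port now, so connects are refused
    try:
        sock, used, failures = connect_with_failover([dead_addr, live.getsockname()])
        sock.close()
        return used, failures, live.getsockname(), dead_addr
    finally:
        live.close()

if __name__ == "__main__":
    used, failures, *_ = demo()
    print("connected to", used, "after skipping", failures)
```

A client that keeps only the first cached address, as described for Windows clients earlier in the thread, never reaches the second iteration of this loop.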