OT: DNS Failover

Benjamin Franz snowhare at nihongo.org
Wed Aug 31 19:42:00 UTC 2005 

On Wed, 31 Aug 2005, Mike McGrath wrote:

> I'm curious about how others in the Fedora community are doing DNS
> failover.  Specifically I have two sites, one primary (in a large city)
> and one secondary (out in the middle of nowhere).  The idea is that we'd
> host DNS out of the secondary site to use the web servers in the primary
> site.
>
> My question is how are people handling outages at the main site.  If the
> primary site burns down or all the servers get stolen or something, is
> my only option a manual of the configs to point from one to the other?

Slightly different than what you are asking, but we multi-home our servers 
and placed a DNS server in each IP net that returned _only_ the addresses 
for that subnet with a 900 second TTL. If we experience loss of IP on one 
pipe, that renders the appropriate DNS server immediately unreachable 
leaving only the good pipe's addresses being returned on fresh queries 
while the stale unreachable addresses will expire within 15 minutes.

This has worked very well for us in practice since the only people 
impacted by a loss of a pipe are those who were actually browsing our 
website servers via the down net in the few minutes before the network 
outage while lettings us get the good routing of being in two large tier-1 
ISP routing blocks (IP blocks of less than roughly a /18 just don't get 
good routing IME because of backbone routers dropping small subnet 
routes).

The problem with browsers caching IPs until the browser is killed is not 
fully soluble via any DNS based system.

You can trade that for a portable block of IP addresses and broadcast your 
routes, but you wil take a hit on normal routing of a small subnet and on 
the reconvergence time of routes after any failure.

There are no perfect solutions to this issue, AFAIK. Every solution will 
have some failure mode that will impact you more or less depending on your 
own requirements.

-- 
Jerry

Simple things should be simple, complex things should be possible.
                                          - Alan Kay

More information about the fedora-list mailing list