OT: DNS Failover
Mike McGrath
mmcgrath at iesabroad.org
Wed Aug 31 20:36:59 UTC 2005
> -----Original Message-----
> From: fedora-list-bounces at redhat.com
> [mailto:fedora-list-bounces at redhat.com] On Behalf Of Benjamin Franz
> Sent: Wednesday, August 31, 2005 2:42 PM
> To: For users of Fedora Core releases
> Subject: Re: OT: DNS Failover
>
> On Wed, 31 Aug 2005, Mike McGrath wrote:
>
> > I'm curious about how others in the Fedora community are doing DNS
> > failover. Specifically I have two sites, one primary (in a large
> > city) and one secondary (out in the middle of nowhere).
> The idea is
> > that we'd host DNS out of the secondary site to use the web
> servers in
> > the primary site.
> >
> > My question is how are people handling outages at the main
> site. If
> > the primary site burns down or all the servers get stolen or
> > something, is my only option a manual of the configs to
> point from one to the other?
>
> Slightly different than what you are asking, but we
> multi-home our servers and placed a DNS server in each IP net
> that returned _only_ the addresses for that subnet with a 900
> second TTL. If we experience loss of IP on one pipe, that
> renders the appropriate DNS server immediately unreachable
> leaving only the good pipe's addresses being returned on
> fresh queries while the stale unreachable addresses will
> expire within 15 minutes.
>
> This has worked very well for us in practice since the only
> people impacted by a loss of a pipe are those who were
> actually browsing our website servers via the down net in the
> few minutes before the network outage while lettings us get
> the good routing of being in two large tier-1 ISP routing
> blocks (IP blocks of less than roughly a /18 just don't get
> good routing IME because of backbone routers dropping small
> subnet routes).
>
> The problem with browsers caching IPs until the browser is
> killed is not fully soluble via any DNS based system.
>
> You can trade that for a portable block of IP addresses and
> broadcast your routes, but you wil take a hit on normal
> routing of a small subnet and on the reconvergence time of
> routes after any failure.
>
> There are no perfect solutions to this issue, AFAIK. Every
> solution will have some failure mode that will impact you
> more or less depending on your own requirements.
>
> --
> Jerry
>
> Simple things should be simple, complex things should be possible.
> - Alan Kay
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
>
Thats an interesting way of doing it. I'll have to test that out too.
Thanks everyone for your comments.
-Mike
More information about the fedora-list
mailing list