OT: DNS Failover

Mike McGrath mmcgrath at iesabroad.org
Wed Aug 31 20:36:59 UTC 2005 

 

> -----Original Message-----
> From: fedora-list-bounces at redhat.com 
> [mailto:fedora-list-bounces at redhat.com] On Behalf Of Benjamin Franz
> Sent: Wednesday, August 31, 2005 2:42 PM
> To: For users of Fedora Core releases
> Subject: Re: OT: DNS Failover
> 
> On Wed, 31 Aug 2005, Mike McGrath wrote:
> 
> > I'm curious about how others in the Fedora community are doing DNS 
> > failover.  Specifically I have two sites, one primary (in a large 
> > city) and one secondary (out in the middle of nowhere).  
> The idea is 
> > that we'd host DNS out of the secondary site to use the web 
> servers in 
> > the primary site.
> >
> > My question is how are people handling outages at the main 
> site.  If 
> > the primary site burns down or all the servers get stolen or 
> > something, is my only option a manual of the configs to 
> point from one to the other?
> 
> Slightly different than what you are asking, but we 
> multi-home our servers and placed a DNS server in each IP net 
> that returned _only_ the addresses for that subnet with a 900 
> second TTL. If we experience loss of IP on one pipe, that 
> renders the appropriate DNS server immediately unreachable 
> leaving only the good pipe's addresses being returned on 
> fresh queries while the stale unreachable addresses will 
> expire within 15 minutes.
> 
> This has worked very well for us in practice since the only 
> people impacted by a loss of a pipe are those who were 
> actually browsing our website servers via the down net in the 
> few minutes before the network outage while lettings us get 
> the good routing of being in two large tier-1 ISP routing 
> blocks (IP blocks of less than roughly a /18 just don't get 
> good routing IME because of backbone routers dropping small 
> subnet routes).
> 
> The problem with browsers caching IPs until the browser is 
> killed is not fully soluble via any DNS based system.
> 
> You can trade that for a portable block of IP addresses and 
> broadcast your routes, but you wil take a hit on normal 
> routing of a small subnet and on the reconvergence time of 
> routes after any failure.
> 
> There are no perfect solutions to this issue, AFAIK. Every 
> solution will have some failure mode that will impact you 
> more or less depending on your own requirements.
> 
> --
> Jerry
> 
> Simple things should be simple, complex things should be possible.
>                                           - Alan Kay
> 
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
> 
> 

Thats an interesting way of doing it.  I'll have to test that out too.
Thanks everyone for your comments.

	-Mike

More information about the fedora-list mailing list