I have a company that is interested in hosting a backup site with us. They host their own site with their own name servers. They want to put a backup site on my servers in case their web and name servers go down. Additionally they only want the backup site to be called if the main site is down.

My plan is to just setup the account like normal and have them add my nameservers as third and fourth name servers with their registrar.

1) Will this accomplish what I need?

2) Will the name server lookup occur in the order that they are assigned to the domain name.

3) In the event that their web server goes down, will they have to down their name servers for this to work?

4) Could there be any possible adverse effects from this setup?


TIA

Originally posted by DanDaMan
I have a company that is interested in hosting a backup site with us. They host their own site with their own name servers. They want to put a backup site on my servers in case their web and name servers go down. Additionally they only want the backup site to be called if the main site is down.

My plan is to just setup the account like normal and have them add my nameservers as third and fourth name servers with their registrar.

1) Will this accomplish what I need?

2) Will the name server lookup occur in the order that they are assigned to the domain name.

3) In the event that their web server goes down, will they have to down their name servers for this to work?

4) Could there be any possible adverse effects from this setup?


TIA

1. Yes, it will.

2. Yes, it will.

3. Yes, they will.

4. Yes, there may be. If their nameservers are still online, your nameservers will do no good.

Thank you...

I will tell my client to take down their name servers in the event that their web server goes down.

I think the answer to #2 is it depends on the resolver/cache. BIND tries them all but eventually it will use the closer ones more frequently. djbdns (dnscache) will use them in round robin fashion.

1) Will this accomplish what I need? - Nope. Well, if you don't mind both servers getting hit at once, it will work. Your backup server will get hits. Depending on who has faster nameservers, your backup may become the primary in terms of usage.

2) Will the name server lookup occur in the order that they are assigned to the domain name. - Nope. Whichever nameserver answers first will be used.

3) In the event that their web server goes down, will they have to down their name servers for this to work? - Yes.

4) Could there be any possible adverse effects from this setup? - Yes.

Here's what we do. Everything goes a little easier for us since BIND runs on the same machines as the web/database/email servers.

Our backup server checks for the main server. If the main is unreachable, we turn on BIND pointing to the backup. When the main is back up, we turn off BIND pointing to the backup. We run 60 second TTL's, so everything switches over real nicely, but it increases lookups. Not a big deal for us, but may get out of hand with a really busy site.

We were going to look into IP takeover, but it seems a little over the top for what we needed.

We rsync to the backup nightly. All email goes to the main, so when it's down, people can't check/get new email. But since MX records point to the main, nothing gets lost or bounced if it's down, since it's always DNS'ed.

We don't master/slave our database, since a lot of our database entries tie into other things, like image uploads. So the backup is a day behind. Not a big deal for us.

Originally posted by driverdave
1) Will this accomplish what I need? - Nope. Well, if you don't mind both servers getting hit at once, it will work. Your backup server will get hits. Depending on who has faster nameservers, your backup may become the primary in terms of usage.


Every sane resolver library will only query *one* nameserver, and it will be any one of the set listed. The order they are returned in will be rotated by BIND (and probably other DNS servers), and the resolver library may choose one "at random" as well.

By no means does each DNS lookup send a simultaneous query to all listed nameservers. That would generate a lot of wasted traffic and load.

Kevin

Originally posted by sigma
Every sane resolver library will only query *one* nameserver, and it will be any one of the set listed. The order they are returned in will be rotated by BIND (and probably other DNS servers), and the resolver library may choose one "at random" as well.

By no means does each DNS lookup send a simultaneous query to all listed nameservers. That would generate a lot of wasted traffic and load.

The RFC clearly states that the resolver should query all nameservers in parallel.

Also, this has been discussed before:

http://www.webhostingtalk.com/showthread.php?s=&threadid=28780

Originally posted by bitserve

The RFC clearly states that the resolver should query all nameservers in parallel.


Please cite the RFC. I believe what's being referred to here is some creative coding in BIND, where it will track the "RTT penalty" value for each NS it happens to query, but 1) this is apparently not mentioned in RFCs, and 2) I've found no reference to queries being made in parallel - rather, BIND simply accumulates results from multiple nameservers as multiple queries are made over time.

Disclaimer: I haven't read the BIND source lately.

Disclaimer: Resolver libraries != BIND. There are other DNS servers than BIND, as well.

Citation: Question 2.21 of the comp.protocols.tcp-ip.domains Frequently Asked Questions:
http://www.faqs.org/faqs/internet/tcp-ip/domains-faq/part1/

From a purely empirical consideration, it seems that if every initial lookup requires N queries be sent, where N is possibly two, or possibly the number of NS records listed for a domain, depending on who you ask, then you're slowing down the client system by generating unnecessary traffic. If the client system is connected non-broadband this really becomes significant. Never mind about the accumulated traffic across all clients.

Kevin

I am by no means an expert in DNS.

I was just going by this site, which has helped me out a lot.

http://www.acmebw.com/askmrdns/archive.php?category=83&question=3

Is this wrong?

Originally posted by driverdave
I am by no means an expert in DNS.

I was just going by this site, which has helped me out a lot.

http://www.acmebw.com/askmrdns/archive.php?category=83&question=3

Is this wrong?

I believe the information there is essentially correct, given that it is describing the behavior of BIND and a "Standard" resolver library. However, that document does *not* say that all nameservers (or even just two) are queried in parallel. It says "in the case of a tie, it picks among them at random." And also points out that "when a name server first caches a list of NS records, the RTT for all of them is zero."

One could read that article with the notion that parallel queries are done, and not find anything to contradict it. But it doesn't put that idea forth itself. I have read that there are resolver implementations that do this; however, I do not believe it is in RFC (nor that it is generally a good idea), and neither is the RTT selection behavior of BIND, in fact.

Kevin