  1. #1

    Poor Man's DNS Failover Concept (need Feedback)

    I have been pondering automatic DNS failover for a while, and am looking for some technical feedback on the following scheme

    2 Geographically Diverse Servers running BIND and Apache
    Server #1
    NS1.DOMAIN.COM (1.1.1.1)

    Server #2
    NS2.DOMAIN.COM (2.2.2.2)

    Then set up each DNS server with a low TTL for round-robin as follows

    Server #1
    www IN A 1.1.1.1
    www IN A 2.2.2.2

    Server #2
    www IN A 2.2.2.2
    www IN A 1.1.1.1

    The trick? is reversing the order of the round-robin so that the first result from each server corresponds to the IP that corresponds to that DNS server (since browsers are guaranteed to try the first IP, but not necessarily the second)

    So the DNS servers are actually serving inconsistent information for the same zone when both machines are up (AFAIK not a problem?). However, when one machine goes down, the DNS automatically does the work for you (without having to manually check a heartbeat and remove the downed machine from DNS)


    - File/Database replication is NOT an issue
    - Load Balancing is NOT an issue (but should be a nice side-effect of this scheme)
    - Active sessions won't be handled gracefully (not a problem for me)
    - I *know* that I *should* buy a HA or professional failover solution, that's not the point of this post.

    - I am aware that DNS caches may not respect the low TTL value... that's ok, since the same problem plagues every other paid DNS failover service. The bonus in this scheme is that the affected users have another chance of getting to the website if their browser is set up to try the second round-robin host when the first times out (anyone know which browsers do/don't do this?)


    I haven't actually tried this yet, and a few quick google searches haven't brought up anything relevant... any other comments / technical feedback?

  2. #2
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    The trick? is reversing the order of the round-robin so that the first result from each server corresponds to the IP that corresponds to that DNS server (since browsers are guaranteed to try the first IP, but not necessarily the second)
    Not true at all.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  3. #3
    Quote Originally Posted by Steven View Post
    Not true at all.
    Care to elaborate? Which part isn't true?

    Browsers are not required to try the first entry in a round-robin? I'm pretty sure I've read that in multiple places now, but I haven't tried it myself. Is your experience that they pick randomly?

  4. #4
    Join Date
    Aug 2002
    Location
    Milton Keynes
    Posts
    354
    Quote Originally Posted by tomz17 View Post
    Care to elaborate? Which part isn't true?

    Browsers are not required to try the first entry in a round-robin? I'm pretty sure I've read that in multiple places now, but I haven't tried it myself. Is your experience that they pick randomly?
    It was the behavior for a long time that every time an A record was requested which had multiple entries it would iterate through them in random order.

    This is how DNS round robin load balancing works, and something I've used personally for around a decade.

  5. #5
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    Quote Originally Posted by tomz17 View Post
    Care to elaborate? Which part isn't true?

    Browsers are not required to try the first entry in a round-robin? I'm pretty sure I've read that in multiple places now, but I haven't tried it myself. Is your experience that they pick randomly?
    Yes, very much my experience they pick randomly. Have you not heard of round robin load balancing?

    Here is an example:

    I had a group of servers - 6 of them to be exact in a round robin.

    Each server doing 300mbit of traffic, there was only a 15-20mbit variance between them.

    If what you said was true - the first ip would be hammered all day.

  6. #6
    Join Date
    Aug 2002
    Location
    Milton Keynes
    Posts
    354
    Quote Originally Posted by Steven View Post
    I had a group of servers - 6 of them to be exact in a round robin.

    Each server doing 300mbit of traffic, there was only a 15-20mbit variance between them.

    If what you said was true - the first ip would be hammered all day.
    Except once you start pushing that amount of traffic you should move away from ghetto-loadbalancing (aka DNS roundrobin) and start doing real load balancing.

  7. #7
    Join Date
    Jun 2006
    Location
    Europe
    Posts
    632
    In the above example, DNS answers for a zone are consistent.

    To make it inconsistent you would do something like this:

    Server #1
    www IN A 1.1.1.1

    Server #2
    www IN A 2.2.2.2


    Which possibly makes what you are about to accomplish. But only if you run DNS and Apache on the same host.
    Last edited by xtrac568; 09-23-2010 at 10:36 AM.
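
An added example, not part of any post in this thread: a small Python simulation comparing the original poster's zone layout with the one in post #7 when Server #1 (DNS and Apache together) is down. How resolvers pick a nameserver, whether the answer gets reordered, and whether clients retry the next address are modelling assumptions; stale caches are not modelled.

```python
import random

# Constructed model of the two zone layouts discussed in the thread.
OP_SCHEME = {                      # both A records on each server, own IP first
    "ns1": ["1.1.1.1", "2.2.2.2"],
    "ns2": ["2.2.2.2", "1.1.1.1"],
}
SPLIT_SCHEME = {                   # post #7: each server answers with its own IP only
    "ns1": ["1.1.1.1"],
    "ns2": ["2.2.2.2"],
}
NS_HOST = {"ns1": "1.1.1.1", "ns2": "2.2.2.2"}   # DNS and Apache share a host


def simulate(zone, down=frozenset(), clients=10000,
             shuffle=True, retry=False, seed=1):
    """Return (hits per web IP, number of clients that reached nothing).

    shuffle: assumption that a resolver or client reorders the A records.
    retry:   assumption that the client tries the next address on timeout.
    """
    rng = random.Random(seed)
    # A name server on a dead host cannot answer, so only live ones are asked.
    live_ns = [ns for ns in zone if NS_HOST[ns] not in down]
    hits = {ip: 0 for ip in NS_HOST.values()}
    failed = 0
    for _ in range(clients):
        if not live_ns:
            failed += 1
            continue
        answer = list(zone[rng.choice(live_ns)])
        if shuffle:
            rng.shuffle(answer)
        candidates = answer if retry else answer[:1]
        for ip in candidates:
            if ip not in down:
                hits[ip] += 1
                break
        else:
            failed += 1            # every address the client tried was dead
    return hits, failed


if __name__ == "__main__":
    dead = {"1.1.1.1"}
    for name, zone in (("both records", OP_SCHEME), ("own record only", SPLIT_SCHEME)):
        for shuffle in (False, True):
            print(name, "shuffle=%s" % shuffle, simulate(zone, dead, shuffle=shuffle))
```

In this model the two-record layout only fails over cleanly if answer order is preserved end to end or clients retry the second address; the one-record layout never hands out the dead IP once the dead server stops answering.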

  8. #8
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    Quote Originally Posted by drspliff View Post
    Except once you start pushing that amount of traffic you should move away from ghetto-loadbalancing (aka DNS roundrobin) and start doing real load balancing.
    Why? It worked perfectly fine. With a fairly low TTL, remove an IP from the pool and almost instantly traffic would flow to the other servers. It worked better than you would think.

  9. #9
    Join Date
    Aug 2002
    Location
    Milton Keynes
    Posts
    354
    Quote Originally Posted by Steven View Post
    Why? It worked perfectly fine. With a fairly low TTL, remove an IP from the pool and almost instantly traffic would flow to the other servers. It worked better than you would think.
    Aye it works, but you're at the mercy of the clients to evenly distribute load over your available machines.

  10. #10
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    Quote Originally Posted by drspliff View Post
    Aye it works, but you're at the mercy of the clients to evenly distribute load over your available machines.
    The bw spread I see is comparable to a real load balancer.

  11. #11
    Join Date
    Aug 2002
    Location
    Milton Keynes
    Posts
    354
    Quote Originally Posted by Steven View Post
    The bw spread I see is comparable to a real load balancer.
    Indeed, which is why so many people are using it.

    The downside of load balancing being client controlled is that you can't do weighting of different servers, e.g. you get a new server twice as powerful as the others, but with round robin load balancing it'll still handle the same amount of traffic as the others while in reality you could probably handle considerably more.

  12. #12
    Join Date
    Feb 2004
    Location
    UK
    Posts
    1,431
    Hi

    For DNS load balancing I came across dnsrecord.com, seems to do what most people need.

    I am not affiliated with this company in any way (before anyone asks), I just happened to come across the site.

    Thanks

  13. #13
    Join Date
    Mar 2009
    Location
    Austin Tx
    Posts
    2,007
    I've been failover-DNS serving for a major multi-mill $$ corp for about 7 years, and have done a lot of tweaking and testing with TTLs. With explicit TTL @ 90, I have very good success in having pretty much all DNS servers honoring it. We have large customers...ATT, John Deere, Weichert, Hallmark, etc., that scream loud when things go down. I also use it with my private hosting company, and I have yet to log a complaint that DNS didn't switch in time. Looking at my query records, and spying on web logs during fail-overs, I have close to 100% acceptance. I use "close to", because I have yet to find a cache that didn't, but then again, I never say never (or always). 90 is what I've found to be a good low that is honored universally.
    This is the best signature in the world....Tribute!
    (It is not the best signature in the world, no. This is just a tribute)
