-
09-23-2010, 12:56 AM #1Newbie
- Join Date
- Nov 2005
- Posts
- 11
Poor Man's DNS Failover Concept (need Feedback)
I have been pondering automatic DNS failover for a while, and am looking for some technical feedback on the following scheme:
2 Geographically Diverse Servers running BIND and Apache
Server #1
NS1.DOMAIN.COM (1.1.1.1)
Server #2
NS2.DOMAIN.COM (2.2.2.2)
Then set up each DNS server with a low TTL for round-robin as follows
Server #1
www IN A 1.1.1.1
www IN A 2.2.2.2
Server #2
www IN A 2.2.2.2
www IN A 1.1.1.1
The trick? is reversing the order of the round-robin so that the first result from each server corresponds to the IP that corresponds to that DNS server (since browsers are guaranteed to try the first IP, but not necessarily the second)
So the DNS servers are actually serving inconsistent information for the same zone when both machines are up (AFAIK not a problem?). However, when one machine goes down, the DNS automatically does the work for you (without having to manually check a heartbeat and remove the downed machine from DNS)
- File/Database replication is NOT an issue
- Load Balancing is NOT an issue (but should be a nice side-effect of this scheme)
- Active sessions won't be handled gracefully (not a problem for me)
- I *know* that I *should* buy a HA or professional failover solution, that's not the point of this post.
- I am aware that DNS caches may not respect the low TTL value... that's ok, since the same problem plagues every other paid DNS failover service. The bonus in this scheme is that the affected users have another chance of getting to the website if their browser is set up to try the second round-robin host when the first times out (anyone know which browsers do/don't do this?)
I haven't actually tried this yet, and a few quick Google searches haven't brought up anything relevant... any other comments / technical feedback?
-
09-23-2010, 01:18 AM #2Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
The trick? is reversing the order of the round-robin so that the first result from each server corresponds to the IP that corresponds to that DNS server (since browsers are guaranteed to try the first IP, but not necessarily the second)
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
09-23-2010, 01:22 AM #3Newbie
- Join Date
- Nov 2005
- Posts
- 11
-
09-23-2010, 04:23 AM #4Aspiring Evangelist
- Join Date
- Aug 2002
- Location
- Milton Keynes
- Posts
- 354
-
09-23-2010, 04:34 AM #5Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
Yes, it is very much my experience that they pick randomly. Have you not heard of round robin load balancing?
Here is an example:
I had a group of servers - 6 of them to be exact in a round robin.
Each server doing 300 Mbit of traffic, there was only a 15-20 Mbit variance between them.
If what you said was true - the first IP would be hammered all day.
-
09-23-2010, 04:56 AM #6Aspiring Evangelist
- Join Date
- Aug 2002
- Location
- Milton Keynes
- Posts
- 354
-
09-23-2010, 10:32 AM #7Web Hosting Master
- Join Date
- Jun 2006
- Location
- Europe
- Posts
- 632
In the above example, DNS answers for a zone are consistent.
To make it inconsistent you would do something like this:
Server #1
www IN A 1.1.1.1
Server #2
www IN A 2.2.2.2
Which possibly makes what you are about to accomplish. But only if you run DNS and Apache on the same host.
Last edited by xtrac568; 09-23-2010 at 10:36 AM.
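The disagreement in posts #1, #5 and #7 comes down to how the client chooses among the A records it receives. The following is an added example, not code from any poster in this thread: an exact enumeration of the chance that a client reaches a live web server under the reversed-order zone from post #1 and the own-IP-only zone from post #7. The client behaviour names, the equal likelihood of each live nameserver answering, and the stale-cache parameter are assumptions of this model.

```python
from fractions import Fraction

# Constructed model of the thread's two-server setup (placeholder addresses
# from the posts). Each host runs both the nameserver and the web server.
ZONES = {
    "reversed": {"1.1.1.1": ["1.1.1.1", "2.2.2.2"],   # post #1: own IP first
                 "2.2.2.2": ["2.2.2.2", "1.1.1.1"]},
    "own_only": {"1.1.1.1": ["1.1.1.1"],              # post #7: own IP only
                 "2.2.2.2": ["2.2.2.2"]},
}

def attempt_orders(answer, client):
    """Yield (probability, ordered list of IPs the client will try)."""
    if client == "first_only":          # honours record order, never retries
        yield Fraction(1), answer[:1]
    elif client == "first_fallback":    # honours order, retries the next IP
        yield Fraction(1), answer
    elif client == "random_only":       # picks one record at random
        for ip in answer:
            yield Fraction(1, len(answer)), [ip]
    elif client == "random_fallback":   # random start, then tries the rest
        for i, ip in enumerate(answer):
            yield Fraction(1, len(answer)), [ip] + answer[:i] + answer[i + 1:]
    else:
        raise ValueError(client)

def reach_probability(scheme, client, down=frozenset(), stale_from=None):
    """Exact chance that a client reaches a live web server.

    Fresh lookups can only be answered by nameservers that are up (assumed
    equally likely). stale_from names a nameserver whose answer is still
    cached from before the outage, i.e. the TTL has not expired yet.
    """
    zone = ZONES[scheme]
    sources = [stale_from] if stale_from else [ns for ns in zone if ns not in down]
    if not sources:
        return Fraction(0)
    total = Fraction(0)
    for ns in sources:
        for p, order in attempt_orders(zone[ns], client):
            if any(ip not in down for ip in order):
                total += p / len(sources)
    return total

if __name__ == "__main__":
    for client in ("first_only", "random_only", "random_fallback"):
        print(client, reach_probability("reversed", client, down={"1.1.1.1"}))
```

With 1.1.1.1 down, the reversed-order zone only gives full reachability if clients honour record order or retry the second address; a client that picks one record at random and does not retry reaches the site half the time, while the own-IP-only zone avoids that case for fresh lookups.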
-
09-23-2010, 11:07 AM #8Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
-
09-23-2010, 11:17 AM #9Aspiring Evangelist
- Join Date
- Aug 2002
- Location
- Milton Keynes
- Posts
- 354
-
09-23-2010, 11:37 AM #10Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
-
09-23-2010, 12:04 PM #11Aspiring Evangelist
- Join Date
- Aug 2002
- Location
- Milton Keynes
- Posts
- 354
Indeed, which is why so many people are using it.
The downside of load balancing being client controlled means you can't do weighting of different servers, e.g. you get a new server twice as powerful as the others, but with round robin load balancing it'll still handle the same amount of traffic as the others while in reality you could probably handle considerably more.
-
09-23-2010, 12:12 PM #12Temporarily Suspended
- Join Date
- Feb 2004
- Location
- UK
- Posts
- 1,431
Hi
For DNS load balancing I came across dnsrecord.com, seems to do what most people need.
I am not affiliated with this company in any way (before anyone asks), I just happened to come across the site.
Thanks
-
09-25-2010, 02:05 AM #13Intangible Asset Appraiser
- Join Date
- Mar 2009
- Location
- Austin Tx
- Posts
- 2,007
I've been failover-dns serving for a major multi-mill $$ corp for about 7 years, and have done a lot of tweaking and testing with TTLs. With explicit TTL @ 90, I have very good success in having pretty much all DNS servers honoring it. We have large customers...ATT, John Deere, Weichert, Hallmark, etc., that scream loud when things go down. I also use it with my private hosting company, and I have yet to log a complaint that DNS didn't switch in time. Looking at my query records, and spying on web logs during fail-overs, I have close to 100% acceptance. I use "close to", because I have yet to find a cache that didn't, but then again, I never say never (or always). 90 is what I've found to be a good low that is honored universally.
This is the best signature in the world....Tribute!
(It is not the best signature in the world, no. This is just a tribute)