
How to setup DNS for redundant Backup web server


juanguirao

Technical User
May 22, 2003
KR
I have two web servers hosting 2 copies of my site:
One copy with host1.com at IP 255.190.190.190 (bad example)
Another one with host2.com at IP 255.200.100.120 (another bad example)

I would like to setup the DNS so that if one of the web servers goes down, the users will be able to access the other one.

---

I have set up the DNS like this:

primary nameserver is on host 1: nsX.host1.com
secondary nameserver is on host 2: nsZ.host2.com

nsX.host1.com allows zone transfers to nsZ.host2.com so the information on both nameservers is identical.
The SOA identifies nsX.host1.com as the primary nameserver.


However, I think this does not work.
Here's why...

Both nameservers have identical information and this information includes a single A-RECORD for the domain pointing at the web server on host 1 (255.190.190.190).

So, here is the problem...

If the web server 255.190.190.190 on host1.com goes down, then

- If the nameserver nsX.host1.com is not down, it will send the user to 255.190.190.190 (which is down)

- If the nameserver nsX.host1.com is down and nsZ.host2.com is not, then nsZ.host2.com will ALSO send the user to 255.190.190.190, which is down !

Dammit.
So what is the point of having two independent and geographically distant nameservers, if both have the same A-record for the domain and both send the user to the same IP address.

If the machine for that IP address is down, then it does not matter how many nameservers you have, the user will always end up trying to load a site from a web server that is down.


IS THIS CORRECT?


IS THERE ANOTHER SOLUTION?
AM I MISSING SOMETHING?

Thanks,

DNS confused and Non redundant loser Juan Guirao

 

What you want to do is add a CNAME list like this:

www IN CNAME host1
host2

that will round robin between the two.

But it won't work. If one web server is down half of the page can't load. You can't really do this with DNS.

Cheers

Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support
 
Yes, I also thought about creating two A-RECORDs,

google.com has two A-RECORDS pointing at different IPs.
But the problem is, as you (Morsing) say, that 50 percent of the requests will fail if one of the web servers is down.

-----

I still cannot believe it cannot be done with DNS.

All this concern with having nameservers for redundancy makes no sense unless you also take into account that the webserver itself (as opposed to the nameserver) can go down.

And in fact, in general, it goes down a lot more often than the nameserver !

-----

I cannot believe that whoever designed a system with a safety feature for nameservers did not think about providing one for webservers.

------

If it really cannot be done with DNS...Can it be done IN SPITE of DNS?


 

Of course it can be done. All major companies do this.
Unfortunately I only know of commercial (expensive) solutions but I'm sure it's possible with free software.

Cheers

Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support
 
What do major companies do?

Is it OK for you to mention one of those expensive solutions?

Knowing what I am looking for might help me find a free or cheaper solution.

Thanks
 
I found the solution [medal]

Big companies have A-RECORDS to many IP addresses, for domainname.com and
The different IP correspond to webservers that serve the same contents.

At the same time they use load balancer and failover systems to check on the status of all the webservers.

If one of them is found to fail, its A-RECORD(s) is immediately removed.

Although I do not need such a high degree of sophistication, I am going to try zoneedit.com, which seems to provide an inexpensive failover system.

[thumbsup2]

Juan Guirao
 


The solution you suggest isn't very good because you can't immediately remove an A record. DNS records are usually cached on the Internet and if you ask it not to cache it the performance implications are simply too big.

I haven't really worked with such systems. The closest I get is high-availability failover systems like IBM's HACMP. The way HACMP works is by taking over the IP address of the failing host.

An easier solution is to put a load balancer in front of the web servers but I have never done this myself.

Cheers

Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support
 
Ummmh [ponder]

I think you are right. [sadeyes]

I wonder what zoneedit is promising then !
 
Got the same problem, found something called ultramonkey.
It's free, but requires kernel patches, so I'm looking for something "easier", but nothing else in sight so far...
 
It is possible to have another server running a script that would detect if the other server was pingable. If it was not pingable you could have another network card in the system take its IP address and start hosting the site.
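
A sketch of the ping-and-take-over script described in this post, added here as an example and not the poster's own code. It assumes Linux with iproute2 and iputils `arping`, both servers on the same subnet, and a constructed address and interface name; the consecutive-failure threshold is an addition so that one lost ping does not trigger a takeover.

```python
import subprocess

VIP = "192.0.2.10/24"   # constructed: the primary web server's address
IFACE = "eth0"          # assumed interface name on the standby
FAILS_NEEDED = 3        # consecutive failed pings before taking over


def ping_ok(host):
    """One ICMP echo with a 2 second timeout (Linux iputils ping)."""
    result = subprocess.run(["ping", "-c", "1", "-W", "2", host],
                            stdout=subprocess.DEVNULL)
    return result.returncode == 0


def takeover_commands(vip=VIP, iface=IFACE):
    """Commands that claim the address and refresh neighbours' ARP caches."""
    addr = vip.split("/")[0]
    return [["ip", "addr", "add", vip, "dev", iface],
            ["arping", "-U", "-I", iface, "-c", "3", addr]]


def watch(probe, run, sleep, max_rounds=None):
    """Poll the primary; take over after FAILS_NEEDED consecutive misses.

    probe, run and sleep are passed in so the loop can be exercised
    without touching the network. Returns True once takeover has run.
    """
    fails = rounds = 0
    while max_rounds is None or rounds < max_rounds:
        rounds += 1
        fails = 0 if probe() else fails + 1
        if fails >= FAILS_NEEDED:
            for cmd in takeover_commands():
                run(cmd)
            return True
        sleep(5)
    return False


if __name__ == "__main__":
    import time
    watch(lambda: ping_ok(VIP.split("/")[0]),
          lambda cmd: subprocess.run(cmd, check=True), time.sleep)
```

A failed ping does not prove the primary is down: if only the link between the two machines has failed, both end up holding the address at once.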

 
<snip>So what is the point of having two independent and geographically distant nameservers, if both have the same A-record for the domain and both send the user to the same IP address.</snip>

I think that you missed the point of having redundant name servers. It's to have redundant DNS, not web servers or mail servers or anything like that. If your primary name server failed you wouldn't want DNS requests for your domain to bounce, otherwise you'd lose all your services. No one would be able to resolve your web site or send you e-mail.

As far as having redundant web servers, most solutions are based around some kind of load balanced set up, which usually ends up being quite expensive. In the case of they have a number of A records and so requests will be served in a round robin fashion. If one fails they will take it out as they only have a TTL of 300 seconds, which means a BIG hit on the DNS servers. Any DNS cache that has a cached record for will flush it every five minutes and then have to do a recursive query the next time a user makes a request for that site. That's a lot of hits on the google DNS servers.

Chris.




**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************
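
The approach discussed in the last few posts (health checks that drop a failed server's A record, published with a 300-second TTL), sketched as an added example that is not code from any poster or product named in the thread. The pool addresses, `example.com` and the function names are constructed for illustration; the staleness figure assumes resolvers honour the TTL and the secondary picks up the new serial at once.

```python
import socket

TTL = 300  # seconds, the value quoted in the thread
# Constructed pool using RFC 5737 documentation addresses (not from the thread).
POOL = {"host1": "192.0.2.10", "host2": "198.51.100.20"}


def tcp_probe(ip, port=80, timeout=3):
    """Health check: can a TCP connection be opened to the web port?"""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def live_records(name, pool, probe=tcp_probe, ttl=TTL):
    """Zone-file A records for the backends that pass the probe.

    If every probe fails, keep the full set: an empty answer is worse than
    a stale one, and the fault may lie in the checker's own network path.
    """
    up = [ip for ip in pool.values() if probe(ip)] or list(pool.values())
    return [f"{name}. {ttl} IN A {ip}" for ip in sorted(up)]


def next_serial(old, yyyymmdd):
    """Bump a YYYYMMDDnn SOA serial; secondaries only transfer on an increase."""
    return max(old + 1, int(yyyymmdd) * 100)


def worst_case_stale(check_interval, fails_needed, ttl=TTL):
    """Seconds a resolver may keep handing out a dead server's address:
    time to detect the failure plus one full TTL of caching."""
    return check_interval * fails_needed + ttl


if __name__ == "__main__":
    down = {"192.0.2.10"}  # constructed outage: host1 is unreachable
    print("\n".join(live_records("example.com", POOL, lambda ip: ip not in down)))
    print("worst case stale seconds:", worst_case_stale(30, 3))
```

With a 30-second check that needs three misses, clients can be sent to the dead server for up to 390 seconds, which is the delay the earlier replies object to.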
 
Just browsing......... and this is the very question I wanted to ask!

Is there a simpler solution or am I just stuffed to setting ttl to 300 when I want to down a webserver for maintenance ?

ibearian.

PROJECT H
mailto:ibearian@projecth.co.uk
 