Public DNS with 2 ISP's

[bw447]

Hello All,

I currently have a network with a class C public ip range (ie 192.168.50.0/24 for

http://www.widget.com)

with our current ISP. Everything works fine with our public side dns. We just bought a second internet connection with a second ISP that is giving us 6 public ip addresses (192.168.250.9/29 this gives us 9-14). We are using this connection for load balancing and disaster assistance in case our current ISP goes down. We aren't changing our domain name.

If I want people to connect to our web server I figure I can go ahead and put into our public dns the second pubic IP address. Along with putting in a new reverse lookup zone which will hold the new PTR records. So when you do a lookup it will return two results with two seperate IP addresses. I also will need to let the people who we do dns transfers to setup a new zone on their side.

Is that correct? I know that PTR isn't such a big deal for browser traffic, but I want to allow mail to come through this second connection also and PTR's are very important for email.

Any advice would be appreciated.

Thanks,
-b

 

[Noway2]

As long as the page serves up on both addresses, you should be fine with adding either an A or CNAME record to your forward DNS zone. If the domain name resolves to multiple IP addresses, you can't guarantee which one a client will try to connect on.

Strictly speaking, you can have multiple (reverse) PTR records, but as I understand it, this is of limited utility.

For email, MX records should be used with priority ranking if you have multiple email servers, e.g. a backup server. PTR records are one method you can use and declare in an SPF record to help validate the server as being an authenticated SMTP server.

 

[bw447]

Thanks for the reply. That's what I thought. I have one more question to throw out there for this setup. Like stated before I have 1 public dns server. There are other dns server with other organizations that we slave out to so there is redundency as having more than one authoitative answer for the interent.

Is it possible to have people come in on the new second internet connection, NAT the server IP to our current public DNS (primary server) and then return an answer. In order for that to happen we would have to put in a new NS record and that requires an FQDN and a public IP address. However the public IP address will get NAT'd to what is currently the primary server.

Is that possible?

thanks again!

 

[Noway2]

I am not sure I fully understand your current question. If this reply doesn't answer it satisfactorily would you please elaborate your question?

It sounds like you want people using the new, second internet connection to use your DNS server that is on the other connection. If so, I would set things up, via your DHCP (or tell them when you give them a static assignment) that the primary DNS is <public-ip-of-your-dns>. It doesn't have to be on the same network subnet, the resolver just needs to know where to go.