Re: Understanding DNS, Create an "Failover"

To: debian-user@lists.debian.org
Subject: Re: Understanding DNS, Create an "Failover"
From: Miles Fidelman <mfidelman@meetinghouse.net>
Date: Fri, 31 Oct 2014 15:17:05 -0400
Message-id: <[🔎] 5453E031.8070300@meetinghouse.net>
In-reply-to: <[🔎] 87k33g6rfl.fsf@gulltop.yagibdah.de>
References: <[🔎] 544F58FF.70401@arcor.de> <[🔎] 87k33g6rfl.fsf@gulltop.yagibdah.de>

lee wrote:

basti <black.fledermaus@arcor.de> writes:

Hello,
last weekend my primary DNS-Server goes down, and some of my server
can't find each other.

[...]

How can I fix this?

Set up a second name server which operates as slave of your primary one
and use the slave as fallback?


bind, and dns in general, are designed for this:

1. you designate multiple nameservers with your registrar - which inturns forwards those records to the root nameservers (generally, you'reexpected to designate at least a primary and secondary) - so, right offthe bat, when all of your nameservers are "published" (NS records arereturned)

2. the trick is keeping the data synchronized - typically, you'llmaintain the records in one of your nameservers and then enablesynchronization between that server and your secondary server(s) -- bindsupports both push and pull

3. a common practice is to have a "hidden" nameserver, where youmaintain your records (e.g., on your own server), and then push/pull thedefinitive data to several other servers (e.g., heavy duty machinesmaintained by your data center operator or a commercial service) - thatway you can manage the records on a system you control, but not have toeat the data load (and potential DOS attacks) of queries from theoutside world

It's a bit tricky to set up the first time, then it just runs itself,except when you change records. (If I'm a little foggy on the details,it's because I haven't had to touch our nameservers in a long time.They just hum along). I would recommend getting a good book on thesubject - "DNS & Bind" from O'Reilly is pretty good, though I don't knowwhen they've last updated it.


Several other notes:

- While BIND is the definitive nameserver, there are others (e.g.,PowerDNS). Some of the others might be easier to administer (GUI vs.text files, that sort of thing).

- Webmin has a nice admin interface for bind.

- dnsstuff.com has some nice tools for monitoring and troubleshootingDNS, and their free toolset is enough for most things

Or.. you could just farm it all out to someone else. Pretty much everyregistrar will provide DNS for you, as well as as lots of other services.


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   .... Yogi Berra

Reply to:

References:
- Understanding DNS, Create an "Failover"
  - From: basti <black.fledermaus@arcor.de>
- Re: Understanding DNS, Create an "Failover"
  - From: lee <lee@yagibdah.de>

Prev by Date: Re: Perfect Jessie is something like this...
Next by Date: Re: Perfect Jessie is something like this...
Previous by thread: Re: Understanding DNS, Create an "Failover"
Next by thread: libgl1-mesa-swrast incompatible with GNOME?
Index(es):
- Date
- Thread