DNS and ISP redundancy? Why would I need to restart BIND after an ISP failover?

Tom V tvanover at localhost.com
Tue Dec 20 22:02:23 UTC 2005


On Mon, 19 Dec 2005 20:09:27 -0500, Barry Margolin wrote:

> In article <do7027$2hte$1 at sf1.isc.org>, Tom V <tvanover at localhost.com> 
> wrote:
> 
>> Hi,
>> 
>> One of our customers has a firewall setup with ISP failover (meaning, when
>> one link to the internet fails, we can switch to a standby link from another
>> provider). Obviously, in this case our public IP address also changes.
> 
> It seems like you started by saying that this is one of your customers, 
> but then switched to it being yourself.  Reminds me of the TV cliche 
> where a character asks for advice, but says it's for a "friend".

Hey, perhaps I get too attached to our customers, but whatever.


> 
>> Normally, this should not have any influence on the applications.
>> 
>> However, today we had to switch over to another provider, and we noticed
>> that our internal DNS server wouldn't resolve any external addresses
>> anymore. We always got a 'no servers could be reached' whenever we tried
>> to resolve a domain that wasn't local or in the cache.
>> 
>> We solved the problem by simply restarting BIND (this is BIND 9 on Red Hat
>> Enterprise Linux 3). So it wasn't an access list somewhere that caused the
>> problem.
> 
> Did the address of the server's NIC change as a result of the switch?  
> BIND only checks for changes in interface addresses periodically -- this 
> is controlled by the interface-interval option in named.conf.


No, the DNS server's address didn't change. But when it reaches the
firewall, it's being NATed, obviously, and the address it's NATed to
changes.

Strangely enough, when we did the recovery to the primary line, I didn't
need to restart the DNS.

Weird, huh?
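A small health check for the situation described in this thread (a recursive BIND server behind a NAT firewall with ISP failover), added here as an illustration and not part of the original post. It queries an external name through the local server, classifies dig's answer so the 'no servers could be reached' symptom is caught automatically, reports the interface-interval setting Barry mentioned, and falls back to the restart that fixed the problem in the thread. The resolver address, the probe name and the named.conf path are assumptions and can be overridden through the environment.

```shell
#!/bin/sh
# Added example: resolver health check after an ISP failover behind NAT.
# Assumed defaults (override via environment): local BIND on 127.0.0.1,
# a public probe name, and the RHEL-style config path.
RESOLVER=${RESOLVER:-127.0.0.1}
CHECK_NAME=${CHECK_NAME:-www.example.com}
NAMED_CONF=${NAMED_CONF:-/etc/named.conf}

# classify_dig_output: map dig's output text to a short status word.
classify_dig_output() {
    case "$1" in
        *"no servers could be reached"*) echo unreachable ;;
        *"status: NOERROR"*)             echo ok ;;
        *"status: SERVFAIL"*)            echo servfail ;;
        *)                               echo other ;;
    esac
}

# interface_interval <named.conf>: print the configured value in minutes,
# or "default" when the option is absent (BIND 9 rescans every 60 minutes).
interface_interval() {
    val=$(sed -n 's/^[[:space:]]*interface-interval[[:space:]]*\([0-9][0-9]*\)[[:space:]]*;.*/\1/p' "$1")
    if [ -n "$val" ]; then echo "$val"; else echo default; fi
}

# check_resolver: ask the local server for an external name and classify.
check_resolver() {
    out=$(dig @"$RESOLVER" "$CHECK_NAME" A +time=3 +tries=1 2>&1)
    classify_dig_output "$out"
}

main() {
    status=$(check_resolver)
    echo "external resolution via $RESOLVER: $status"
    echo "interface-interval in $NAMED_CONF: $(interface_interval "$NAMED_CONF")"
    if [ "$status" = unreachable ]; then
        # Record the event, then apply the remedy the thread used: a restart.
        logger -t dns-check "resolver $RESOLVER cannot reach upstream after failover"
        service named restart
    fi
}

# Only probe the network when explicitly asked, so the functions can be sourced.
if [ "${DNS_CHECK_RUN:-0}" = 1 ]; then main; fi
```

Run it as `DNS_CHECK_RUN=1 sh dns-check.sh` from cron or from the firewall's failover hook so the symptom is logged and cleared without someone noticing it by hand.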


