Failover with DNS

DAVID E. ZADE DZADE at ALLMERICA.COM
Tue Feb 15 14:46:49 UTC 2000


Looks like you need a load balancing product such as Resonate, IBM NetDispatch, Cisco local or distributed Director.  They all have the ability to be configured to monitor server (service) availability and forward requests accordingly.  Most have both a packet forwarding scheme, or a DNS response scheme.

David ZADE
dzade at allmerica.com or dzade at rcn.com 


>>> Kevin Darcy <kcd at daimlerchrysler.com> 02/14/00 09:16PM >>>
Mohammed Ghanawi wrote:

> I would like to configure a failover system using DNS, so that
>
> if mail1.domain.com fails all mail should be routed to mail2.domain.com
> if web1.domain.com fails all HTTP traffic should be routed to
> web2.domain.com
> if ldap1 fails then use ldap2
>
> I usually duplicate mail1 and mail2, web1 and web2, ldap1 and ldap2.
>
> right now I have aliases
>
> mail -> mail1
> web -> web1
> ldap -> ldap1
>
> if web1 fails for example, I just go to the dns server and point web to
> web2, same for mail and ldap.
>
> Is there a way to make this automatic with DNS ?

For mail, you should be able to use MX records. Any SMTP mailer which
obeys RFC 974 knows how to failover from a better-preference MX target to
a worse-preference MX target.

Unfortunately, for the other protocols, there is no standard, propagatable
way to do this. The SRV record type is protocol-independent, and has a
preference scheme similar (but superior) to MX records, but, last
I looked, it wasn't a standard, and in any case requires changing lookup
semantics at the client level, which is a major barrier to
deployment/acceptance.

If you have control of all the slaves for a zone, and if they all support
the feature, you could use the "rrset-order" option (or the
non-BIND equivalent, if any) to give out the addresses for these names in
a "fixed" order. But because "rrset-order" options aren't propagated,
caching servers may interfere with the sort order, with the only
quasi-solution being to lower the TTL's on the records (which increases
DNS traffic). Uncontrolled slaves, including possibly stealth slaves (if
you allow them), may also interfere with the sort order. So there is no
really good solution right now. I'm currently experimenting with a new
DNS record type which will specify response ordering in a way that is
propagatable, but I don't know if these experiments will bear any fruit...


- Kevin
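
The contrast drawn in the thread, as an added example that is not part of the original messages: a mailer walking MX targets in preference order fails over on its own, while a client following a single alias has nowhere else to go. The record values, the function names and the try_host callback (a stand-in for a real connection attempt) are assumptions made for illustration, as is shuffling targets of equal preference.

```python
import random

# Constructed sample data, using the host names from the question.
# MX records as (preference, target); a lower preference value is tried first.
MX_RECORDS = [(20, "mail2.domain.com"), (10, "mail1.domain.com")]
# The manually maintained alias: one name, one target, no alternative.
ALIASES = {"web.domain.com": "web1.domain.com"}


def mx_attempt_order(records, rng=random):
    """Order MX targets the way a mailer tries them: best preference first.

    Targets sharing a preference are shuffled (an assumption of this sketch)
    so that equal-preference hosts share the load.
    """
    by_pref = {}
    for pref, target in records:
        by_pref.setdefault(pref, []).append(target)
    order = []
    for pref in sorted(by_pref):
        group = list(by_pref[pref])
        rng.shuffle(group)
        order.extend(group)
    return order


def deliver(records, try_host, rng=random):
    """Walk the MX list until one target accepts.

    Returns (accepting host or None, list of hosts attempted).
    """
    attempted = []
    for host in mx_attempt_order(records, rng):
        attempted.append(host)
        if try_host(host):
            return host, attempted
    return None, attempted


def connect_via_alias(aliases, name, try_host):
    """A client following one alias has a single target and no fallback."""
    target = aliases[name]
    return target if try_host(target) else None


if __name__ == "__main__":
    down = {"mail1.domain.com", "web1.domain.com"}  # simulated outage
    is_up = lambda host: host not in down
    print("mail:", deliver(MX_RECORDS, is_up))
    print("web: ", connect_via_alias(ALIASES, "web.domain.com", is_up))
```

With mail1 and web1 both marked down, mail still reaches mail2 with no operator action, while the web lookup fails until someone repoints the alias.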
