Dynamically changing the DNS replies based on site being up/down

Kevin Darcy kcd at daimlerchrysler.com
Thu Jul 27 23:44:54 UTC 2000


satyapal_deja at my-deja.com wrote:

> I have a Website (www.yy.com) which maps to IP
> address x1.x2.x3.x4. Now if for some reason the
> host (x1.x2.x3.x4) serving the web content is not
> network reachable I want to divert the http
> traffic for www.yy.com to the IP address
> y1.y2.y3.y4 (a standby webserver). i.e.
> www.yy.com should map to y1.y2.y3.y4 in the event
> of x1.x2.x3.x4 not being network reachable,
>
> My primary goal is to achieve Webserver
> redundancy (only from network reachability
> perspective). i.e. Having two sites in different
> geographical locations and keeping one site in
> Active mode and the other in Standby mode. We
> actually evaluated a couple of solutions which
> achieve this functionality but they also come
> with a lot of other excellent features (which we
> do not need) and at a lot more cost which does
> not justify our requirement.
>
> I am thinking of two possible solutions for this:
>
> 1. To find out if there are some third party name
> servers who do this kind of intelligent
> switching ( i.e. to constantly verify whether the
> Primary Web server is network reachable and if
> not decide to distribute packets to the Standby
> Webserver by giving the Standby Webserver's IP
> address). I would prefer this rather than going
> about hosting DNS servers at our sites(as
> described in the second option). Having said this
> I am wondering if there are any companies which
> would do this for, say, a monthly fee ?

Seems like it wouldn't be hard to write something like this. You could
use Dynamic Update to make the actual DNS change, so the only "hard"
part is coming up with a reliable way of determining whether a site is
down or not...

> 2. Having two DNS servers the Primary being at
> Active Webserver site and the Secondary being at
> Standby Webserver site. The Primary DNS server
> always returns the IP address of Active
> Webserver. The secondary DNS server(at Standby
> site) also returns the IP address of Active
> Webserver as long as the Active Webserver is
> network reachable from Standby site. This could be
> achieved by a program sitting on Secondary site
> which monitors network reachability of Active
> Webserver IP address and if it's not reachable it
> then modifies the records and push them so as the
> Secondary DNS server will reply with the IP
> address of Standby Webserver for henceforth DNS
> queries. Here I am assuming, if a DNS server (at
> Active OR Standby site) is network reachable then
> that particular site is network reachable. (As I
> said earlier I am only looking from network
> reachability perspective and not if some webserver
> software crashes.)
>
> Is the second solution feasible ?

More or less. Because nameservers will have cached the address, the
switchover will take a while, and in the meantime, all clients getting
the old address will just simply fail. A slightly more refined version
would be to have the nameservers return *both* addresses in "fixed"
order and then delete the primary address if that server goes down. At
least then the failover will be more transparent for clients which know
how to do address failover. Unfortunately, a side effect of this is that
other nameservers serving the name from their caches will tend to
"round-robin" the answers, so you'll get some leakage to your backup
server even when the primary is accessible.

Of course, you could reduce the effects of caching by lowering TTL
values, but this is wasteful of Internet resources.

> I guess this might be a standard problem with
> many web sites. Hoping to get some insight into
> solutions.

Yes it is, and the low-TTL approach is unfortunately becoming more and
more popular. Just yesterday, I proposed in the namedroppers list an
extension to the NOTIFY (sub-)protocol which would allow a server to
(optionally) initiate the propagation of address-record changes to other
nameservers. This would reduce the need to lower TTL's, and thus
conserve Internet bandwidth. Even if accepted, unfortunately, this
protocol extension would be years from widespread deployment.


- Kevin
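
Added example (not part of the message above and not code from BIND): a sketch of the monitor-plus-Dynamic-Update approach, where the address is only switched after several consecutive probe results disagree with the current state, so a single lost probe does not rewrite the zone. The class and function names, the threshold of 3, the TTL of 300, the server name ns1.yy.com and the documentation addresses standing in for x1.x2.x3.x4 and y1.y2.y3.y4 are all assumptions.

```python
import socket

def tcp_reachable(ip, port=80, timeout=3.0):
    """One probe: can a TCP handshake with the web server be completed?"""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

class Failover:
    """Switch between primary and standby only after `threshold` consecutive
    probe results disagree with the address currently published."""
    def __init__(self, primary, standby, threshold=3):
        self.primary, self.standby, self.threshold = primary, standby, threshold
        self.active = primary
        self.streak = 0

    def observe(self, primary_up):
        """Feed one probe result; return the new address if a switch is due, else None."""
        wanted = self.primary if primary_up else self.standby
        if wanted == self.active:
            self.streak = 0          # state confirmed, forget earlier disagreement
            return None
        self.streak += 1
        if self.streak < self.threshold:
            return None
        self.active, self.streak = wanted, 0
        return wanted

def nsupdate_script(server, zone, name, ttl, address):
    """Build nsupdate input that replaces the A RRset for `name` in one update."""
    return "\n".join([
        f"server {server}",
        f"zone {zone}",
        f"update delete {name} A",
        f"update add {name} {ttl} A {address}",
        "send",
    ]) + "\n"

if __name__ == "__main__":
    # Constructed probe results; a real loop would call
    # fo.observe(tcp_reachable(fo.primary)) on a timer instead.
    fo = Failover("192.0.2.10", "198.51.100.10")   # hypothetical addresses
    for up in [True, False, False, True, False, False, False]:
        new = fo.observe(up)
        if new:
            print(nsupdate_script("ns1.yy.com", "yy.com", "www.yy.com.", 300, new), end="")
```

Feed the generated text to nsupdate with a TSIG key (nsupdate -k keyfile) and restrict the zone's allow-update or update-policy to that key, so that only the monitor can change the record.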



