A program which can monitor HTTP service and change DNS record on fail?

Sam Pointer sam.pointer at hpdsoftware.com
Thu Apr 4 16:22:02 UTC 2002


Here we do something crude, but it works. We have 2 leased lines with 2
different IP ranges. All of our webservers are multihomed. We autogenerate
our DNS info from an internal database.

Usually our DNS info presents both IP addresses for any given webserver.
This does some crude load-balancing (we're not high volume). An in-house
perl script does HTTP GETs and PINGs to major sites. Using a very simple
algorithm it decides when one of our lines has gone bad. I get an SMS
message.

Then all I do is log on, verify the situation and run a script which issues
a reload to BIND giving it a configuration containing only one of the IP
ranges (whichever is the `good` line).

All of our caching values are set to 0 (like I said, low volume) so the
change is more or less instant. Mostly people are unaware, except for
dropped ssh sessions and the like.

Not great or fancy, but it works for us and is good enough as an ad-hoc
"resilience" solution. It is obviously not very scalable and relies heavily
on the in-house nameservers.

Just a thought.

-----Original Message-----
From: Barry Margolin [mailto:barmar at genuity.net]
Sent: 04 April 2002 16:42
To: comp-protocols-dns-bind at isc.org
Subject: Re: A program which can monitor HTTP service and change DNS
record on fail?


In article <a8g7q9$1hf at pub3.rc.vix.com>,
Steven E. Ames <sames at officescape.com> wrote:
>
>From a data center perspective couldn't you just use BGP to broadcast
>the same subnet from two different locations? When the route to one
>fails traffic won't even try going to it. No DNS witchery involved. You
>want IP failover right? So it really should be handled at the IP layer.

That will work if you can get a full class C or larger block, or if all
your data centers are connected to the same ISP.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the
group.


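Added example, not part of the original post or the poster's script: a sketch of the monitor-then-regenerate approach described in the message above, producing the A records for only the lines judged good so an operator can review them before reloading BIND. The line names, addresses (documentation prefixes), host list, and the consecutive-failure rule are all assumptions, since the post does not describe its algorithm.

```python
from collections import deque

# Constructed sample data (not from the post): two uplinks with their own
# address ranges, and hosts that are multihomed on both.
LINES = {"line_a": "192.0.2.", "line_b": "198.51.100."}
HOSTS = {"www": 10, "mail": 20}   # host -> last octet used on every line
FAIL_THRESHOLD = 3                # assumed: consecutive bad rounds before "down"
MIN_OK_RATIO = 0.5                # assumed: share of probes that must succeed


class LineMonitor:
    """Keeps recent probe rounds per line and decides which lines are good."""

    def __init__(self, lines, threshold=FAIL_THRESHOLD):
        self.history = {name: deque(maxlen=threshold) for name in lines}

    def record_round(self, line, probe_results):
        """probe_results: one boolean per external site probed over this line."""
        ratio = sum(probe_results) / len(probe_results) if probe_results else 0.0
        self.history[line].append(ratio >= MIN_OK_RATIO)

    def is_down(self, line):
        rounds = self.history[line]
        # Down only when the window is full and every round in it failed, so
        # one unreachable site or one lost probe does not change DNS.
        return len(rounds) == rounds.maxlen and not any(rounds)

    def good_lines(self):
        good = [name for name in self.history if not self.is_down(name)]
        # If every line looks down, the monitor itself is the likelier fault:
        # keep publishing all ranges rather than emptying the zone.
        return good or list(self.history)


def render_records(good, lines=LINES, hosts=HOSTS, ttl=0):
    """Return zone-file A records (TTL 0, as in the post) for good lines only."""
    records = []
    for host in sorted(hosts):
        for line in sorted(good):
            records.append(f"{host}\t{ttl}\tIN\tA\t{lines[line]}{hosts[host]}")
    return records
```
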



