achieving failover with 2 primary name servers?

Ori Tend ori at fetchbook.info
Wed Oct 22 08:57:51 UTC 2003


I implemented this, and it looks like web visitors are arriving at both
boxes - always.
I want to achieve a situation where visitors start to go to the second
box only when the first box fails.
So I'm thinking of the following:
Have the DNS2 run as secondary to DNS1 (as Barry mentioned, TTL should
be low, 1 min or so).
Run a simple script on box2 that polls box1 to verify that www
responds well.
In case of a failure of box1, the script will switch the named.conf and
the zone file (on box2), to make DNS2 as primary, with A record pointing
to an IP residing on this box2.
When the script identifies that box1 is up and running again, it will
switch the named.conf and the zone file again (on box2), to make DNS2 a
secondary again, pointing to box1 again.

Again, this would help to divert visitors to box2 only when box1 dies.
Reason I prefer not to use lbnamed is that it's not as actively
maintained as bind, and not as documented as bind - and a simple script
can help achieve the needs.

What do you think about it? I mean, try to beat it with thoughts why it
won't work, and why I shouldn't do that :-)

Thanks,
Ori.
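The poll-and-switch script the post sketches, written out as an added example; it is not code from the thread or from the BIND project. It assumes BIND 9's `rndc` on box2, `curl` for the probe, that named.conf includes a per-zone file from a `CONF_DIR`, and a hysteresis threshold of three failed probes; the zone name, addresses (RFC 5737 documentation range), file paths and serial scheme are all placeholders.

```shell
#!/bin/sh
# Added example (not from the thread): the poll-and-switch script the post
# sketches for box2. Every path, address and hostname below is a constructed
# placeholder; 192.0.2.0/24 is the RFC 5737 documentation range.

ZONE="domain.com"                          # the zone served by DNS1/DNS2
BOX1_IP="192.0.2.1"                        # box1: DNS1 plus the primary web server
BOX2_IP="192.0.2.2"                        # box2: DNS2 plus the standby web server
CONF_DIR="/etc/namedb"                     # named.conf is assumed to include zone-<ZONE>.conf
ZONE_FILE="${CONF_DIR}/${ZONE}.failover"   # zone file served only while box2 is primary
FAIL_THRESHOLD=3                           # consecutive failed probes before failing over
INTERVAL=20                                # seconds between probes

# Probe box1's web server: success only on an HTTP 200 within 5 seconds.
# (Talks to the network; the helpers below never call it.)
probe_box1() {
    curl -s -o /dev/null -m 5 -w '%{http_code}' "http://${BOX1_IP}/" | grep -q '^200$'
}

# Map a run of consecutive failed probes to the role box2's named should hold.
# Requiring several failures in a row keeps one lost packet from flipping DNS.
desired_role() {
    if [ "$1" -ge "$FAIL_THRESHOLD" ]; then
        echo primary
    else
        echo secondary
    fi
}

# The zone statement to drop into named.conf for the chosen role. As a
# secondary, DNS2 pulls the zone from DNS1; as a primary it serves ZONE_FILE.
zone_statement() {
    case "$1" in
        primary)
            printf 'zone "%s" {\n    type master;\n    file "%s";\n};\n' \
                "$ZONE" "$ZONE_FILE"
            ;;
        secondary)
            printf 'zone "%s" {\n    type slave;\n    file "%s.xfr";\n    masters { %s; };\n};\n' \
                "$ZONE" "$ZONE_FILE" "$BOX1_IP"
            ;;
        *)
            echo "unknown role: $1" >&2
            return 1
            ;;
    esac
}

# The zone file box2 serves while primary: www points at box2, and the TTL
# stays low (Barry's advice) so resolvers drop the address quickly once box1
# is back. The serial must exceed the serial of the copy transferred from
# DNS1; the caller is responsible for choosing one that does.
render_zone() {
    serial="$1"
    cat <<EOF
\$TTL 60
@    IN SOA ns2.${ZONE}. hostmaster.${ZONE}. ( ${serial} 3600 600 86400 60 )
     IN NS  ns1.${ZONE}.
     IN NS  ns2.${ZONE}.
ns1  IN A   ${BOX1_IP}
ns2  IN A   ${BOX2_IP}
www  IN A   ${BOX2_IP}
EOF
}

# Write the config for a role and tell named about it (BIND 9 rndc commands).
apply_role() {
    role="$1"
    serial="$2"
    if [ "$role" = primary ]; then
        render_zone "$serial" > "$ZONE_FILE"
    fi
    zone_statement "$role" > "${CONF_DIR}/zone-${ZONE}.conf"
    rndc reconfig                         # re-read named.conf; the zone changes type
    if [ "$role" = secondary ]; then
        rndc retransfer "$ZONE"           # pull a fresh copy from DNS1 rather than serve stale data
    fi
}

# Poll forever; switch roles only when the desired role actually changes.
# Start as: sh failover.sh run  (the argument keeps sourcing the file from polling)
main_loop() {
    failures=0
    current=secondary
    while :; do
        if probe_box1; then
            failures=0
        else
            failures=$((failures + 1))
        fi
        want=$(desired_role "$failures")
        if [ "$want" != "$current" ]; then
            logger -t dns-failover "box1 probe failures=$failures: switching DNS2 to $want"
            apply_role "$want" "$(date +%Y%m%d%H)"   # YYYYMMDDHH serial: an assumption, adapt to your scheme
            current=$want
        fi
        sleep "$INTERVAL"
    done
}

case "${1:-}" in
    run) main_loop ;;
esac
```

Two things the loop does not solve on its own. The probe runs from box2, so a broken path between box2 and box1 that clients do not see still moves every visitor to box2; and until the switch happens, DNS2 as a secondary keeps answering with box1's address from its transferred copy, so the 60-second TTL is what bounds how long resolvers hold the dead address. The `rndc retransfer` on the way back avoids serving the failover zone after box1 has returned.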
-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
Behalf Of Barry Margolin
Sent: Monday, October 20, 2003 5:05 PM
To: comp-protocols-dns-bind at isc.org
Subject: Re: achieving failover with 2 primary name servers?


In article <bn0256$ut3$1 at sf1.isc.org>, Ori Tend  <ori_tend at yahoo.com>
wrote:
>Hi All,
>
>Trying to achieve a simple failover, I think of the following: Have 2
>dns servers for my domain at the registrar. Both would act as a primary
>server for the domain. DNS1 will answer requests, and delegate
>www.domain.com to first ip - which is hosted on the same box as DNS1.
>DNS2 will answer requests, and delegate www.domain.com to second ip -
>which is hosted on the same box as DNS2.
>
>The rationale is that if a resolver can't reach any of the DNS servers
>(either DNS1 or DNS2), it most likely won't be able to reach the ip's
>that are hosted on box1 and box2 respectively as well, due to a box
>failure. So I assume that in case of a failover scenario, box1 will not
>be reached- therefore, the client resolver will try DNS2, which will reply
>with the ip of the apache placed on box2- and that's how a failover
>will be achieved.
>
>The only drawback I can think of is that zones would have to be
>transferred manually, when a zone is changed, but since I change the zones
>rarely, it's not that much of a hassle. Can anyone point other issues?
>Will it even work?

I think this should work fine.

You should make the TTL of the www.domain.com record short, so that
resolvers don't cache the address of the failing box for long.

-- 
Barry Margolin, barry.margolin at level3.com
Level(3), Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to
newsgroups. Please DON'T copy followups to me -- I'll assume it wasn't
posted to the group.