Detecting Failures

Eamon Murchan eamon.murchan at arup.com
Wed Oct 1 16:18:40 UTC 2003 

Martin asks

What do large operations with extremely high reliability factors do when
they run bind?

I run Lucent BIND 8.2.6 and support Active Directory globally. To put aside
the debate on Microsoft DDNS with respect to security and resilience. For
the corporate organisation may I recommend Lucent VitalQIP. This application
supports IP Address management, DNS and DHCP functionality. The DNS function
not only has true multi-master DNS with an easy to use GUI with worthwhile
granular logging. It has a function called EDUP where your AD zones can be
replicated to the other multi-master DNS servers within your organisation.

Regards
Eamon
_________________________________
Eamon Murchan
Server Team Leader
IT Services
X 53954 f53378 2.10-12 Maple Street



-----Original Message-----
From: Martin McCormick [mailto:martin at dc.cis.okstate.edu]
Sent: 01 October 2003 15:56
To: comp-protocols-dns-bind at isc.org
Subject: Detecting Failures


	In the old days, a catastrophic failure of the master dns was
not nearly as devistating as it might be today in an Active Directory
environment.  Microsoft has a multimastering scheme where by several
platforms all behave as the master dns so that if one fails, nobody
notices outside of the system administrators, maybe.

	It is pretty easy to turn a slave in to a master as long as it
had all the zones to begin with.  That along with a second Ethernet
interface means that one just brings it up on the master's address
with the correct configuration file and things are able to be updated
again.

	This brings me to the question.  What do large operations with
extremely high reliability factors do when they run bind?

	Active Directory is growing fast in our group and we should
have a plan of action to quickly failover a dead master.

	The hard part to me seems to be how best to automate the
detection of a true dns failure in such a way as not to accidentally
trigger the switchover and possibly have two working systems sharing
the same IP address.

Martin McCormick WB5AGZ  Stillwater, OK 
OSU Information Technology Division Network Operations Group

___________________________________________________________________
Electronic mail messages entering and leaving Arup business
systems are scanned for acceptability of content and viruses.

More information about the bind-users mailing list