DNS BIND Failover Setup (High Availability)
david t. klein
root at nachtmaus.us
Sat Sep 29 14:01:05 UTC 2012
A month and a half late, but what you can do is:
- Hidden master, owns the zones but is not advertised, except in SOA
- Zones are dynamic, you learn to make updates with NSUPDATE, pointed at
the master
- CRON job in the master to freeze-backup-thaw the zones as often as your
backup policy says
- Multiple slaves learn the zones from the master via XFR
- The slaves listen on a loopback address, which is the same address in
every slave
- Each slave runs a routing daemon and advertizes the loopback address as a
specific /32 or /128 to his upstream router
- All clients are configured with the IP Anycast address, and you have NS
record for the IP Anycast address
- You run a monitoring script in each slave, so that if NAMED stops being
available or stops giving sensible/correct answers, then the script:
- sends a "KILL -9" to NAMED
- withdraws the route from the routing daemon
- downs the loopback virtual interface
- sends you an email/page/rings an alarm
Really, many people have solved this, in much the same way. It is almost a
standard pattern.
--
david t. klein
Cisco Certified Network Associate (CSCO11281885)
Linux Professional Institute Certification (LPI000165615)
Redhat Certified Engineer (805009745938860)
Quis custodiet ipsos custodes?
-----Original Message-----
From: bind-users-bounces+root=nachtmaus.us at lists.isc.org
[mailto:bind-users-bounces+root=nachtmaus.us at lists.isc.org] On Behalf Of
Kaushal Shriyan
Sent: Friday, September 14, 2012 6:37 AM
To: bind-users at lists.isc.org
Subject: DNS BIND Failover Setup (High Availability)
Hi,
Can someone please point me to setup High Availability BIND DNS Server on
CentOS Linux version 5.8?
Regards,
Kaushal
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2012.0.2221 / Virus Database: 2441/5298 - Release Date: 09/29/12
More information about the bind-users
mailing list