Multi-master (HA)

Tony Finch dot at dotat.at
Thu May 8 11:32:39 UTC 2014


A few thoughts...

The DNS protocol is already pretty good at replicating zone data - see for
instance John Wingenbach's message in which he describes how their
deployment gradually converged on a fairly standard architecture :-)

I think multi-master makes most sense if the primary master uses DNS
UPDATE for zone edits (and uses raw file format), to minimize the
differences between the primary and the secondaries.

You probably want to ensure update forwarding is allowed, so that update
clients do not have to worry so much about finding the current primary
master.

When a secondary takes over as primary it will need to update the SOA
MNAME to point to itself so updates go to the right place.

Most of the problem is actually one of remote configuration management:
promoting a secondary to a primary is not all that different from setting
up the secondary in the first place or making other co-ordinated changes.
For instance it would be nice to be able to set up a zone once on the
primary and have it automatically provisioned on the secondaries.

I like Phil Mayers' zone-template idea, which might make it easier to flip
from secondary to primary, as well as reducing the size and ensuring the
consistency of large configs.

Metazones are a tempting idea but the details get yucky the more of BIND's
features you want to support. Also I am rather wary about the idea of
putting secrets in a DNS zone; if you have an out-of-band way of
distributing them it makes sense to use the same channel for the rest of
the configuration.

(http://ci.nii.ac.jp/naid/110007502948 - Vixie's metazones paper.)

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Viking, North Utsire: Easterly or southeasterly 4 or 5, occasionally 6 in
south Viking. Slight or moderate. Rain or showers. Good, occasionally poor.
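
Added example, not part of the message above and not BIND project code: a sketch of the SOA MNAME change the message says a promoted secondary needs, built as nsupdate input. The zone, host names and SOA values are constructed samples, and the helper names (parse_soa, promote_soa, nsupdate_batch) are hypothetical.

```python
# Added example. Zone and host names are constructed samples.
SERIAL_MOD = 2 ** 32  # SOA serials are 32-bit and wrap around (RFC 1982)

# Constructed sample: the zone's SOA while ns1 is still the primary.
SAMPLE_SOA = ("example.org. 3600 IN SOA ns1.example.org. "
              "hostmaster.example.org. 2014050801 7200 900 1209600 3600")


def parse_soa(line):
    """Parse 'owner ttl IN SOA mname rname serial refresh retry expire min'."""
    f = line.split()
    if len(f) != 11 or f[2].upper() != "IN" or f[3].upper() != "SOA":
        raise ValueError("not a single-line IN SOA record: %r" % line)
    return {"owner": f[0], "ttl": int(f[1]), "mname": f[4], "rname": f[5],
            "serial": int(f[6]), "timers": [int(x) for x in f[7:11]]}


def promote_soa(soa, new_mname):
    """Copy the SOA with MNAME set to the promoted server and serial advanced."""
    if not new_mname.endswith("."):
        raise ValueError("MNAME must be fully qualified (trailing dot)")
    new = dict(soa, mname=new_mname)
    # RFC 2136 ignores an SOA update whose serial is not greater than the
    # zone's. Skipping 0 after wraparound is a choice made for this example.
    new["serial"] = (soa["serial"] + 1) % SERIAL_MOD or 1
    return new


def rdata(soa):
    """Render the SOA RDATA fields in presentation order."""
    return " ".join([soa["mname"], soa["rname"], str(soa["serial"])]
                    + [str(t) for t in soa["timers"]])


def nsupdate_batch(current_line, new_mname):
    """Build nsupdate input that repoints MNAME at the promoted server."""
    cur = parse_soa(current_line)
    new = promote_soa(cur, new_mname)
    return "\n".join([
        # Explicit target: by default nsupdate sends to the (old) MNAME.
        "server %s" % new_mname,
        "zone %s" % cur["owner"],
        # Apply only if the SOA is still the one we read.
        "prereq yxrrset %s IN SOA %s" % (cur["owner"], rdata(cur)),
        "update add %s %d IN SOA %s" % (cur["owner"], cur["ttl"], rdata(new)),
        "send",
    ]) + "\n"


if __name__ == "__main__":
    print(nsupdate_batch(SAMPLE_SOA, "ns2.example.org."))
```

The prerequisite line makes the update fail instead of overwriting if the SOA changed between reading it and sending the batch, for example because another server was promoted first.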


More information about the bind-users mailing list