Re: Best way to share multiple links to the net?
From: Men & Mice Support
Date: Thursday, March 13, 2003
Time: 8:39:43 pm

At 4:28 PM -0500 3/13/03, Robert Woodhead wrote:
>At 8:00 PM +0000 3/13/03, QuickDNS Talk wrote:
>>Let me try to clarify the issues involved.
>>
>>You're asking about web service, not so much about DNS service,
>>right? You want to use DNS to solve the problem for web service, as I
>>see it.
>
>Yep.
>
>>Solution: Yes, set your web/mail/other-non-DNS servers to have one IP
>>on each subnet. Put one DNS server on each subnet. (You could use
>>more than one for each subnet, but that might be overkill.)
>>
>>Make each DNS server a master server for your zones. Don't edit them
>>together with QuickDNS 3.x or above - edit data on each server
>>separately. On each server, for the web service, list only the same
>>web server IP address as that DNS server is on. For DNS and mail
>>services, list both. So, more concretely:
>>
>>You have link A and link B. You have a web server with IP address A
>>and IP address B. You have two DNS servers, DNS A and DNS B. On DNS
>>A, the record for web service points to IP address A. On DNS B, the
>>record for web service points to IP address B. If link A goes down,
>>the DNS servers of the world will only find DNS B, thus only finding
>>IP address B for web service.
>>
>>Have I answered the question clearly? I hope so. This is an easy
>>solution once you grok it.
>
>Yes, I understand what you're saying, and it is cute. But questions:
>
>1) Wouldn't it require a short refresh time?
Yes. Actually, short TTL's on the A records in question. 5 minutes
(300 seconds) is a good figure.
>Consider the case of someone who happens to have accessed DNS and
>gotten the IP that comes in over link A. Then link A goes down.
>Until the DNS info expires, how are they going to find out about B?
Actually, unfortunately, they won't, not with any DNS-based fault
tolerance solution. Client software (i.e. web browsers and such)
ignores TTL's.
>2) This means that all the DNS servers have to be inside my area
>(behind links A and B), right?
Yes.
>3) Are DNS lookups smart enough that, assuming there are 2 master
>servers listed, they will pick one at random?
Yes. (It has been reported that Microsoft DNS isn't smart enough, but
this has been disputed by knowledgeable sources.)
>Otherwise everyone is going to come down pipe A until it goes down
>and the DNS info expires.
>
>If this IS the case, then a partial solution might be to shuffle the
>order of the DNS servers listed for each domain I control (so a.com
>lists the pipe A dns server first, b.com lists the pipe B dns server
>first, etc).
Yes, if MS DNS works as has been described (i.e. stupidly), this may
be a useful trick. However, you don't need to shuffle the order in
your zones so much as in the zone delegation records.
>More details on exactly how to tweak this kind of config would be
>much appreciated.
You've pretty much figured it out. I'm not the expert, merely the
parrot - while I've never used this myself, I know several of our
list members have described making this work, and work well.
____________________________________________________________________
Chris Buxton Men & Mice
support@menandmice.com Making DNS Easy
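
The setup discussed in this thread, modelled as an added Python example (not code from the thread or from Men & Mice): one master DNS server per link, each answering the web record with the address on its own link, and a caching resolver that tries servers in a given order. Assumptions: the resolver honours the TTL and moves to the next server on a timeout; the server names, the documentation-range addresses and the failure time of 100 seconds are constructed.

```python
# Added illustration; names and addresses are constructed (documentation ranges).
SERVERS = {  # authoritative server -> (link it sits on, A record it serves for www)
    "dns-a": ("A", "192.0.2.10"),
    "dns-b": ("B", "198.51.100.10"),
}
LINK_OF_IP = {ip: link for link, ip in SERVERS.values()}


class Resolver:
    """Caching resolver that honours TTL and retries the next server on timeout."""

    def __init__(self, order, ttl):
        self.order = order        # order in which this resolver tries the servers
        self.ttl = ttl
        self.cached_ip = None
        self.expires = 0

    def lookup(self, now, links_up):
        if self.cached_ip is not None and now < self.expires:
            return self.cached_ip             # possibly stale after a link failure
        for name in self.order:
            link, ip = SERVERS[name]
            if link in links_up:              # a server behind a dead link times out
                self.cached_ip, self.expires = ip, now + self.ttl
                return ip
        self.cached_ip = None
        return None


def stale_seconds(order, ttl, fail_at=100, step=10, horizon=1200):
    """Seconds after link A fails in which the resolver still returns an address on link A."""
    r = Resolver(order, ttl)
    r.lookup(0, {"A", "B"})                   # warm the cache while both links are up
    bad = 0
    for now in range(fail_at, fail_at + horizon, step):
        ip = r.lookup(now, {"B"})             # only link B is up from fail_at onward
        if ip is None or LINK_OF_IP[ip] == "A":
            bad += step
    return bad


if __name__ == "__main__":
    print(stale_seconds(["dns-a", "dns-b"], ttl=300))    # cached A before the failure
    print(stale_seconds(["dns-b", "dns-a"], ttl=300))    # cached B, unaffected
    print(stale_seconds(["dns-a", "dns-b"], ttl=86400))  # long TTL: stale for the whole window
```

With the 300-second TTL the stale window is bounded by what remains of the TTL when the link fails; the model does not cover client software that ignores TTLs, as noted in the reply above.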