On 3/8/12 10:20 AM, "Mike Hoskins" <micho...@cisco.com> wrote:
> On 3/8/12 8:15 AM, "Romgo" <ro...@free.fr> wrote: >> I can use a VIP for DNS server, but I though that master/slave >> configuration was made in order to avoid to use a VIP. > > Master/slave was to avoid SPOF -- if the master dies, who cares with a > reasonable expire time. :-) > > So go ahead, setup a VIP...even using free stuff like Linux HA! In the big > push for virtualization we've deployed N virtual machines behind VIPs doing > recursive DNS and it works fine. It also lets you upgrade, replace, etc. > any of your hosts with less stress. I think high availability should be an > onion of many layers similar to security. Meant to add one thing... In our configuration, we actually have two recursive VIPs per site, and even considered three (internal IPs are cheap). "Network blips" or maintenance which somehow cause a client to think one of the VIPs is unavailable will be much less intrusive when there are multiple server lines in resolv.conf... So even with a VIP, keep the options you've added already, it'll help with protocol semantics and edge cases. Google has a lot more info on this stuff. :-) -- Don't worry about avoiding temptation -- as you grow older, it starts avoiding you. -- The Old Farmer's Almanac _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
