Bind Clustering
We use bind for DNS. At the moment we have one primary server that delegates updates to its two slave servers.

Since everything nowadays is dependent on DNS, I would like to cluster my primary server in case of a hardware failure or error.

So, how do I set up two primary bind servers that keep each other in sync one way or the other? I've been surfing the internet, but couldn't find any satisfactory solution.

Any help is greatly appreciated.

Arnoud

___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: Bind Clustering
Hello,

We used rsync to copy our master/primary data to the secondary servers. Using some script magic, the primary is still the master (via named.conf) since, as with most DBs, there can only be one source of truth. However, the secondary servers were almost mirror copies of the primary. Only difference was their slave designation as defined in named.conf.

We never had a primary failure, but if we did, minor script/named.conf changes would have made any of the secondary servers the new primary.

Depending upon the environment, risk, needs, and hardware -- one could create such clusters. Furthermore, introduce load-balancers to mask the clusters.

http://en.wikipedia.org/wiki/Rsync

HTH

----- Original Message -----
From: Arnoud Tijssen
To: "bind-users@lists.isc.org"
Sent: Thu, April 8, 2010 7:18:33 AM
Subject: Bind Clustering

> We use bind for DNS. At the moment we have one primary server that delegates updates to its two slave servers.
>
> Since everything nowadays is dependent on DNS, I would like to cluster my primary server in case of a hardware failure or error.
>
> So, how do I set up two primary bind servers that keep each other in sync one way or the other? I've been surfing the internet, but couldn't find any satisfactory solution.
>
> Any help is greatly appreciated.
>
> Arnoud
Re: Bind Clustering
On Thu, Apr 08, 2010 at 01:18:33PM +0200, Arnoud Tijssen wrote a message of 14 lines which said:

> Since everything nowadays is dependent on DNS I would like to
> cluster my primary server in case of a hardware failure or error.

Why? I really do not see your point. You have three authoritative name servers (the master and two slaves), presumably in different locations. Isn't it enough? If not, you can still add slaves.

> So, how do I set up two primary bind servers that keep each other in
> sync one way or the other?

Slaves keep in synch automatically.
Re: Bind Clustering
Doesn't DDNS rely on a single SOA? If so, is there a best practice on how to deal with this?

-Michael

On 4/8/2010 9:15 AM, Stephane Bortzmeyer wrote:
> On Thu, Apr 08, 2010 at 01:18:33PM +0200, Arnoud Tijssen wrote a message of 14 lines which said:
>
>> Since everything nowadays is dependent on DNS I would like to
>> cluster my primary server in case of a hardware failure or error.
>
> Why? I really do not see your point. You have three authoritative name servers (the master and two slaves), presumably in different locations. Isn't it enough? If not, you can still add slaves.
>
>> So, how do I set up two primary bind servers that keep each other in
>> sync one way or the other?
>
> Slaves keep in synch automatically.
Re: Bind Clustering
On Thu, Apr 08, 2010 at 09:46:04AM -0500, Michael Hare wrote a message of 29 lines which said:

> Doesn't DDNS rely on a single SOA? If so, is there a best practice
> on how to deal with this?

Are you sure the OP uses dynamic updates? It is not obvious from his message. In that case, yes, he has a big problem. (One more reason to avoid dynamic update.)
Re: Bind Clustering
Arnoud wrote:
> We use bind for DNS.
> At the moment we have one primary server that delegates updates to its two
> slave servers.
>
> Since everything nowadays is dependent on DNS I would like to cluster my
> primary server in case of a hardware failure or error.
>
> So, how do I set up two primary bind servers that keep each other in sync one
> way or the other?
> I've been surfing the internet, but couldn't find any satisfactory solution.

I've never tried this, but I think it might work:

The hard part of this is the dynamic DNS, so looking at that part of it first:

Use multiple slave servers in an anycast architecture for the published MNAME server, and use update forwarding on the slave servers to replicate DDNS to multiple hidden masters. The slaves would then all zone-transfer the info back from the hidden masters. To conserve hardware, you can have 2 instances of BIND on a single server so that each slave has a hidden master on the same box.

The key to anycasting is that if a slave server stops working, the host route to that server must be removed from the router asap. This can be done best using Cisco routers with static routes that track "ip sla" monitors configured to check DNS. Otherwise it can be done using OSPF between the server and the router with self-monitoring scripts on the servers that take down the loopback interface if the service is down.

For the non-dynamic DNS, you can have all masters share a common NAS directory for non-dynamic zone files as well as the shared conf file -- but keep the dynamic (and slave) data in local directories. Any time the non-dynamic data changes, you will need to "kill -1" all of the BIND processes configured as master for the affected zones. This can be automated with scripts using rndc.

I'd be glad to help further, but more importantly I'd like to know how well it works for you before I dare try it myself. ;-)

--
Gordon A. Lang / 313-819-7978
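Added example, not part of the original thread and not the poster's code: the self-monitoring script described in the message above, written as a POSIX shell health check that withdraws the anycast address when the local named stops answering authoritatively. The address 192.0.2.53/32, the probe name example.com, the use of lo, and all function names are assumptions; it removes the anycast address rather than downing the whole interface, and assumes the routing daemon advertises the host route only while the address is present.

```shell
#!/bin/sh
# Added example: health check for one anycast BIND node (constructed values).
ANYCAST_ADDR="${ANYCAST_ADDR:-192.0.2.53/32}"  # assumed anycast service address
CHECK_NAME="${CHECK_NAME:-example.com}"        # assumed zone served by this node
FAIL_LIMIT="${FAIL_LIMIT:-3}"                  # consecutive failures before withdrawal

# Read dig output on stdin; healthy means NOERROR, authoritative (aa) and at
# least one answer. A slave with an expired zone returns SERVFAIL and fails this.
is_healthy_answer() {
    awk '/status: NOERROR/ { ok = 1 }
         /^;; flags:/ { if ($0 ~ / aa[ ;]/) aa = 1
                        if ($0 ~ /ANSWER: [1-9]/) ans = 1 }
         END { exit !(ok && aa && ans) }'
}

# Ask the local named for the zone SOA with a short timeout and no retries.
probe() {
    out=$(dig +norecurse +time=1 +tries=1 @127.0.0.1 "$CHECK_NAME" SOA 2>/dev/null) || return 1
    printf '%s\n' "$out" | is_healthy_answer
}

# next_state STATE FAILS RESULT -> prints "NEWSTATE NEWFAILS ACTION".
next_state() {
    s=$1 n=$2 r=$3
    if [ "$r" = ok ]; then
        if [ "$s" = down ]; then echo "up 0 announce"; else echo "up 0 none"; fi
    elif [ "$s" = up ] && [ $((n + 1)) -ge "$FAIL_LIMIT" ]; then
        echo "down $((n + 1)) withdraw"
    else
        echo "$s $((n + 1)) none"
    fi
}

# Add or remove the anycast address on lo; the routing daemon follows the change.
apply() {
    case $1 in
        withdraw) ip addr del "$ANYCAST_ADDR" dev lo 2>/dev/null || true ;;
        announce) ip addr add "$ANYCAST_ADDR" dev lo 2>/dev/null || true ;;
    esac
}
main() {
    state=down fails=0      # start withdrawn; announce only after a good probe
    while :; do
        if probe; then res=ok; else res=fail; fi
        set -- $(next_state "$state" "$fails" "$res")
        state=$1 fails=$2; apply "$3"
        sleep 5
    done
}
if [ "${1:-}" = run ]; then main; fi
```

Invoked with the argument run, the loop probes every five seconds; without it the file only defines the functions.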
Re: Bind Clustering
On Apr 8, 2010, at 10:52 AM, Stephane Bortzmeyer wrote:

> On Thu, Apr 08, 2010 at 09:46:04AM -0500, Michael Hare wrote a message of 29 lines which said:
>
>> Doesn't DDNS rely on a single SOA? If so, is there a best practice
>> on how to deal with this?
>
> Are you sure the OP uses dynamic updates? It is not obvious from his message. In that case, yes, he has a big problem. (One more reason to avoid dynamic update.)

But, hang on, if I don't do dynamic updates, how do I make my Active Directo...

Oh! Yes, I see I see, this is indeed a win :-)

W

--
Some people are like Slinkies... Not really good for anything but they still bring a smile to your face when you push them down the stairs.