Timeouts

O'Neil,Kevin oneil at oclc.org
Mon Nov 19 22:54:39 UTC 2001



I may be misunderstanding your situation, but it sounds similar to what we
did last year.  I hope you get some ideas from this even if it's not exactly
your situation.

We didn't have a backup name server off site.  We had some 40 domain names.
We had several names of web sites that we wanted to resolve to one address
that would have the placeholder web site with the apology.  We also had to
handle messages for telnet and ftp users.

A day before, I changed the $TTL for the domains to be very short (1 minute)
so that the IP address change for the names would be picked up quickly when
we went to the placeholder site (and later came back to the original site).

I prepared a named.conf file (to be used on the appointed day) so that
(almost) all the zones used a common file called db.powerdown:
------------------------------------------------
;
; Small config for the powerdown.
;
; This is the file used for all the zones except oclc.org zone.
;
;very small TTL during the powerdown, so that when we come
;back, the real addresses will get picked up quickly
$TTL 1m

@       in      SOA     dns.oclc.org.     DNS-Admin.oclc.org. (
                200007140       ;serial
                900             ;refresh
                300             ;retry
                3600000         ;expiry
                14400 )         ;negative TTL

                in      NS      dns.oclc.org.
                in      a       132.174.11.251

;telnet-based service has to go to the Sun w/s.
connect         in      a       132.174.11.252

;ftp-based service has to go to the Sun w/s too.
edx             in      a       132.174.11.252

;everything else will go to 132.174.11.251 where the web server is
*               in      a       132.174.11.251
------------------------------------------------


Note the short $TTL, the use of the wild card and that the zone name is not
used in the file.  


An exception was the zone that had our MX record in it, for the oclc.org
zone:
------------------------------------------------
;
; Small config for the powerdown: db.oclc.powerdown.
;       132.174.11.249 is the names server
;       132.174.11.250 is the purl server
;       132.174.11.251 is the web server
;       132.174.11.252 is where the DNS, telnet and ftp will go
;
; This is the file for the oclc.org zone.  This has the MX record and the dns
; address defined.  None of the other files do.
;
;The web server will be at 132.174.11.251.  The DNS will be at 132.174.11.252
;which is how the InterNIC is configured for our primary server.
;
;very small TTL during the powerdown, so that when we come back up the real 
;addresses will get picked up quickly
$TTL 1m

@               in      SOA     dns.oclc.org.     DNS-Admin.oclc.org. (
                                200007140       ;serial
                                900             ;refresh
                                300             ;retry
                                3600000         ;expiry
                                14400   )       ;negative TTL

                in      NS      dns.oclc.org.

;oclc.org will resolve to 132.174.11.251 where the web server is
                in      a       132.174.11.251 

;we specify an MX record even though we know there will be no 
;mail server available.
;this is so it will look like the mail server is down.  we don't 
;know how Mail will behave if there is no MX record.
                in      mx      10 mailhost.oclc.org.

mailhost        in      a       132.174.19.60   ;nothing behind this address
dns             in      a       132.174.11.252

;telnet-based service has to go to the Sun w/s.
connect         in      a       132.174.11.252

;ftp-based service has to go to the Sun w/s.
edx             in      a       132.174.11.252

www.purl        in      a       132.174.11.250
purl            in      a       132.174.11.250

;names.oclc.org will go to a special address
names           in      a       132.174.11.249

;everything else will go to 132.174.11.251 where the web server is
*               in      a       132.174.11.251 
------------------------------------------------


In the named.conf file, (almost) all the zones were defined to refer to this
one db file.  Here's an illustrative segment:
------------------------------------------------
zone "portoclc.com" {
        type master;
        file "db/db.powerdown";
};
zone "pais.org" {
        type master;
        file "db/db.powerdown";
};
zone "worldcat.org" {
        type master;
        file "db/db.powerdown";
};
------------------------------------------------

Just before the powerdown I stopped and started the DNS on the offsite
machine with the powerdown configuration files.  

When the power came back on, I started the original DNS servers with the
full configuration and the original $TTLs.  The short $TTLs brought the
original IP addresses back quickly.

There's a little more to this but that's the DNS-related part.

...Kevin O'Neil

-----Original Message-----
From: Matthew Thompson [mailto:matthew.thompson at lrfairplay.com]
Sent: Monday, November 19, 2001 11:39 AM
To: comp-protocols-dns-bind at moderators.isc.org
Subject: Timeouts



Our internet services are going to be affected by a building wide power down
for a full electrical systems check - this includes taking the emergency
generator down.

Because of this I want to redirect all web requests via DNS to a server
hosted off site.

Our primary DNS server is hosted on site and will be powered down but the
secondary server is hosted off site on a totally separate network.

How's the best way of going about this? 

The outage will be from 5pm Saturday until 12 mid-day Sunday at worst but I
want all web sites to stay operational with a single placeholder apologising
for the outage (Which I have ready and waiting).

Thanks in advance, M at T :o)
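
An added example, not part of either message above: a pre-flight check for the three properties the reply points out in db.powerdown (short $TTL, a wildcard record, and no zone name in the file, so one file can serve every zone). The function names, the 60-second limit and the sample text are assumptions made for this illustration.

```python
import re

# Constructed sample, modelled on the db.powerdown file quoted in the post.
SAMPLE = """\
; shared by every zone except oclc.org
$TTL 1m
@       in      SOA     dns.oclc.org.     DNS-Admin.oclc.org. (
                200007140       ;serial
                900 300 3600000 14400 )
                in      NS      dns.oclc.org.
                in      a       132.174.11.251
connect         in      a       132.174.11.252
*               in      a       132.174.11.251
"""

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def ttl_seconds(text):
    """Convert a BIND TTL such as '300', '1m' or '1h30m' to seconds."""
    text = text.lower()
    if text.isdigit():
        return int(text)
    parts = re.findall(r"(\d+)([smhdw])", text)
    if "".join(n + u for n, u in parts) != text:
        raise ValueError(f"bad TTL: {text!r}")
    return sum(int(n) * UNITS[u] for n, u in parts)

def lint_shared_zone(text, max_ttl=60):
    """List what would stop one zone file being reused for many zones."""
    problems, ttl, wildcard, in_parens = [], None, False, False
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0].rstrip()  # simplification: no quoted ';'
        if not line:
            continue
        was_continuation = in_parens
        in_parens = (in_parens or "(" in line) and ")" not in line
        if was_continuation or line[0].isspace():
            continue  # no owner field: inside ( ) or inheriting the last owner
        owner = line.split()[0]
        if owner.upper() == "$TTL":
            ttl = ttl_seconds(line.split()[1])
        elif owner.upper() == "$ORIGIN" or (owner.endswith(".") and owner[0] != "$"):
            problems.append(f"line {lineno}: {owner} ties the file to one zone")
        elif owner == "*":
            wildcard = True
    if ttl is None or ttl > max_ttl:
        problems.append(f"$TTL is {ttl}, want <= {max_ttl}s")
    if not wildcard:
        problems.append("no wildcard record for unlisted names")
    return problems
```

Absolute names in record data, such as the NS target dns.oclc.org., are not flagged; only owner names and $ORIGIN bind a file to a single zone.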

