DNS cluster

Brad Knowles brad at stop.mail-abuse.org
Tue Mar 15 23:58:52 UTC 2005

At 12:28 PM -0500 2005-03-14, Rafa wrote:

>  What I'm planning to do is to have a stealth master and three or four
>  slaves that would do a combination of authoritative and caching
>  functions.  The slaves would be in a cluster running some sort of
>  heartbeat daemon to take over failed machines.

	Don't combine authoritative and caching functions.  Split them 
across different sets of machines, or at least set up different sets 
of virtual IP addresses and different sets of BIND processes.

>  Currently I'm using Solaris and Freebsd but in the interest of
>  homogeinity, I would use the same OS on all slaves.

	Either OS should work fine.

>  The slaves would be completely independent from each other (no shared
>  storage, etc) and wouldn't even need to have the same version of bind
>  (which would greatly simplify upgrades).

	True enough.

>  Anobody done it like this?  Any issues I should be aware of?  I'd like
>  to keep it as simple as possible, which is why I haven't planned on
>  load balancing.

	You can do service IP addresses, and then set up process 
monitoring between the various machines.  If the machine providing 
service for that IP address goes down, then another machine could 
take over that IP address, and service could be continued.

	This doesn't require a proper cluster, just some 
heartbeat/high-availability software, for which alternatives are 
available for various OSes.  Some of these are commercial (e.g., 
Veritas), and some are freely available.

	Alternatively, you could assign the IP addresses to a Layer Four 
load-balancing switch, and hide all the servers behind the switch.

	There are also OS-level clustering solutions which can provide 
the same kind of functionality, although I think they're probably 
overkill for this particular application.

Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See <http://www.sage.org/> for more info.

More information about the bind-users mailing list