One Server, two IPs, DNS setup

Chris Buxton cbuxton at menandmice.com
Mon Sep 25 17:39:43 UTC 2006 

Oh, there's more to it than that.

- If your name server is not registered on both addresses (i.e. isn't  
listed as two name servers in the delegation, pointing to both  
addresses), when line A goes down, the DNS server will be unreachable  
for at least some requests. Same goes for address records in your  
domain - you must advertise both interfaces of the name server in  
DNS. Use separate names for each interface (e.g. ns1 and ns2) and  
make sure your domain registration records and the records in your  
zone match.

- If a web visitor has started browsing the site through IP address  
A, and if line A then goes down, the visitor will not switch to IP  
address B. There is no solution to this, other than not using such an  
unreliable net connection. (Better yet, use BGP and avoid this whole  
topic of discussion.)

- If a potential web visitor is given both addresses of the web  
server, their browser will essentially pick one at random. (Actually,  
their local resolving DNS server will pick one at random.) If that  
line is down, they will not switch to the other line, and so they  
will not get in. The solution to this is to use views on the name  
server to provide different answers depending on the name server  
interface the query came through (i.e. the line A address or the line  
B address). You should also use relatively short TTL's, like 5  
minutes or less, to minimize caching. This is seen as being  
relatively anti-social in the DNS community, so again, avoid this  
whole issue and use BGP instead.

(If web browsers supported SRV records, this whole issue would be  
much simpler and would not require BGP in order to create a reliable  
solution.)

Chris Buxton
Men & Mice

On Sep 24, 2006, at 9:54 PM, Matt wrote:

> Just make both your APache and BIND listen for connections on ALL  
> interfaces (
> ipaddresses ) on the server.
>
> --- tbnarvaez at yahoo.com wrote:
>
>> I`d appreciate very much any help with the following problem:
>>
>> I have one web server connect to the internet via Provider A. By the
>> way, the ip address asigned to that server (IP A) belongs to  
>> Provider A
>> as well as the DNS server I use.
>> The problem is that link is very unstable and it is constantly out of
>> service.
>>
>> Because of this situation I am adding a second internet link with
>> Provider B who will also assign its own IP address to my web  
>> server (IP
>> B).
>>
>> In order for this to work I am thinking about doing the following:
>> a). I will assign to the web server both IP addresses in the same  
>> NIC.
>>
>> b) In Providers A's DNS server I will assign to the web server two IP
>> addresses: the one assigned by Provider A and the second one from
>> Provider B.
>>
>> My questions are:
>> 1. Is this all I should do?
>> 2. Will it be any off time because of the DNS broadcast of the new IP
>> address (or even the old IP Address)?
>> 3. If link A fails will it be possible for a client to access the web
>> server via Provider B's link even if the DNS server belongs to  
>> Provider
>> A?
>>
>> Thanks in advance for any comments or suggestions.
>>
>>
>>
>
>
>

More information about the bind-users mailing list