http fail over with srv records

Mark Andrews Mark_Andrews at isc.org
Thu Jan 10 23:32:14 UTC 2008


	The basic problem is that there is no documentation on how
	to it and it is a protocol violation to do this to old
	(includes http) protocols without writing a transition
	(retrofiting) specification.

	I attempted to write such a document years ago but got zero
	traction from browser and proxy developers.  I attempted to
	revive it and still got zero traction from browser and proxy
	developers.

	http://www.watersprings.org/pub/id/draft-andrews-http-srv-01.txt

	Mark

> Your basic problem here is that it's up to the web browser to do the  
> right thing, and nearly all of them don't. I believe there might be  
> one or two (Opera?) that do, but the major browsers (IE, Firefox, and  
> Safari) do not.
> 
> As a side note, if browsers did support SRV records, you would want  
> another RRSet named _http._tcp.www, to cover the case when users enter  
> "www.cska.dom" into their browsers.
> 
> Since a purely DNS-based solution won't work, you might consider  
> something at the HTTP level, or you might want to consider finding a  
> way to force your DNS records to react to an outage. For example:
> 
> - I believe F5 makes some appliances...
> 
> - You could have a process watching your web servers and using dynamic  
> update to change the A record when needed. I believe there are canned  
> solutions for this as well.
> 
> - You could put a hidden master name server on each web server, and  
> configure your publicized DNS servers as slaves, with the backup  
> master listed second. Add "multimaster true;" to each slave zone  
> statement, if I recall the syntax correctly. Then if web server A goes  
> down (the whole machine, or its connection to the Internet), the DNS  
> servers would switch over to server B and its different data. Use a  
> short refresh interval to make this more responsive. Note that if the  
> web server process fails, but the server machine is still up, you're  
> out of luck here.
> 
> In general, this is a tough issue to solve. It would be very nice if  
> the browsers supported SRV records, because then we could stop playing  
> all these games, but unfortunately they do not.
> 
> Chris Buxton
> Professional Services
> Men & Mice
> Address: Noatun 17, IS-105, Reykjavik, Iceland
> Phone:   +354 412 1500
> Email:   cbuxton at menandmice.com
> www.menandmice.com
> 
> Men & Mice
> We bring control and flexibility to network management
> 
> This e-mail and its attachments may contain confidential and  
> privileged information only intended for the person or entity to which  
> it is addressed. If the reader of this message is not the intended  
> recipient, you are hereby notified that any retention, dissemination,  
> distribution or copy of this e-mail is strictly prohibited. If you  
> have received this e-mail in error, please notify us immediately by  
> reply e-mail and immediately delete this message and all its attachment.
> 
> 
> 
> On Jan 10, 2008, at 11:35 AM, Radi Tzvetkov wrote:
> 
> > Trying to set a simple fail over when site A is active and site B is
> > standby. When A fails all traffic goes to B. Should be pretty easy
> > with SRV records but my experimental BIND server does not deliver the
> > expected result. Also i am not sure if these records are implemented
> > in IE7 or Firefox.
> > Aslo any suggestions on how to support multiple grographically  
> > dispersed web
> > servers are welcome.
> >
> > Here is the zone file:
> >
> > $TTL 86400
> >
> > @       IN      SOA     ns1.cska.dom.      dnsadmin.cska.dom. (
> >                      5        ; serial number YYMMDDNN
> >                       28800           ; Refresh
> >                       7200            ; Retry
> >                       864000          ; Expire
> >                       86400           ; Min TTL
> >                       )
> >
> >               NS      ns1.cska.dom .
> >               NS      ns2.cska.dom.
> >
> >               MX      10 mail.cska.dom.
> >
> >
> >
> > _http._tcp.cska.dom. SRV   10 1 80      host1.cska.dom.
> > _http._tcp.cska.dom. SRV   20 0 80      host2.cska.dom.
> >
> > cska.dom.               A     10.1.1.13
> > host1.cska.dom.         A     64.233.167.99
> > host2.cska.dom.         A     10.1.9.1
> >
> >
> > ns1.cska.dom.           A       10.1.9.1
> > ns2.cska.dom.           A       10.1.9.1
> > mail.cska.dom.          A       10.1.9.1
> >
> > ; NO other services are supported
> >     *._tcp          SRV  0 0 0 .
> >     *._udp          SRV  0 0 0 .
> >
> >
> > $ORIGIN cska.dom.
> >
> >
> >
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org



More information about the bind-users mailing list