michoski at cisco.com
Thu Mar 8 18:26:19 UTC 2012
On 3/8/12 10:20 AM, "Mike Hoskins" <michoski at cisco.com> wrote:
> On 3/8/12 8:15 AM, "Romgo" <romgo at free.fr> wrote:
>> I can use a VIP for DNS server, but I though that master/slave
>> configuration was made in order to avoid to use a VIP.
> Master/slave was to avoid SPOF -- if the master dies, who cares with a
> reasonable expire time. :-)
> So go ahead, setup a VIP...even using free stuff like Linux HA! In the big
> push for virtualization we've deployed N virtual machines behind VIPs doing
> recursive DNS and it works fine. It also lets you upgrade, replace, etc.
> any of your hosts with less stress. I think high availability should be an
> onion of many layers similar to security.
Meant to add one thing... In our configuration, we actually have two
recursive VIPs per site, and even considered three (internal IPs are cheap).
"Network blips" or maintenance which somehow cause a client to think one of
the VIPs is unavailable will be much less intrusive when there are multiple
server lines in resolv.conf... So even with a VIP, keep the options you've
added already, it'll help with protocol semantics and edge cases. Google
has a lot more info on this stuff. :-)
Don't worry about avoiding temptation -- as you grow older, it starts
avoiding you. -- The Old Farmer's Almanac
More information about the bind-users