What happens when one out of three NSs are down?

Matus UHLAR - fantomas uhlar at fantomas.sk
Wed Jun 12 13:01:02 UTC 2013

On 11.06.13 20:12, Gary Wallis wrote:
>What really happens in the real world when 1 out of three 
>authoritative NSs are down for 30 minutes due to a datacenter outage?

completely nothing should happen.


>All in different datacenters.

especially in this case. Unless, of course, the datacenters have the same
connectivity (even different ISPs can go through the same cable)

>Where the datacenter handling ns3 broke routing (mistake in new 
>router configuration) for and ns3 is no longer 
>I think I have a grasp on the basic theory here, but in practice, the 
>unreachable ns3 nameserver creates problems for a small group of 
>customers trying to reach web sites with zones hosted by these three 
>authoritative NSs.

maybe they already have problems reaching the other nameservers, so the
domain stopped working for them?

>Will round robin glue NS records help?

what do you mean? the glue and authoritative NS records should be the same.
If they are not, it may be one of reasons your clients have problems.

>Can quick or automated changes at the registrar of the NS3 IP help? 

No. Most registrars don't give that small TTL and even if they would, using
it would create much more troubles.

>For example to change to a hot spare in some other datacenter? In 
>this case would the running NSs have to have the changed NS A record 
>also match?

Teoretically, yes (as I said above, authoritative and glue NS records should
be the same).  But don't tell me that you use TTL so small that someone
would notice.

Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM (C) Bill Gates 1998, All Rights Reserved!

More information about the bind-users mailing list