DNS anycast node monitor

Anand Buddhdev anandb at ripe.net
Thu Apr 9 20:33:15 UTC 2015


On 09/04/15 16:50, Hillary Nelson wrote:

Hi Hillary,

> Currently we have about 20 DNS servers sitting behind two pairs of F5 LTM on
> campus, the two pairs of F5s using router injection for DNS virtual
> addresses. This setup is costly and we are trying to use direct anycast
> between router and server instead, with Quagga and BGP.

If you merely want to announce a route from the DNS server to the
router, and don't need to receive routes and insert them into the
server's routing table, then consider ExaBGP. It's great for simply
announcing prefixes via BGP.

We use this setup at the RIPE NCC and it works rather well.

> The decision to advertise/withdraw a route seems to be the most critical one. I
> guess we'll need two monitors, one on the server, another like a Nagios
> monitor from a remote system. I know there are people who have been doing
> this for many years; I wonder if there are working scripts that they would
> like to share.

We run ExaBGP under the CentOS 6 upstart supervisor. ExaBGP's upstart
script is configured to stop it on certain events. We use another
upstart script to monitor the DNS server (with queries using dig), and
if the DNS server doesn't respond, then an event is emitted causing
exabgp to die, and withdraw the route to that server. The client almost
doesn't notice this.

You can also run all this under systemd if you wish, with its
dependencies. Or use monit, which can also let you define dependencies,
and stop or start services under certain conditions. I don't have all the
URLs handy, but I'm sure you can search for all these things.

Regards,

Anand Buddhdev
RIPE NCC
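
Added example, not part of the original message and not the RIPE NCC's scripts: instead of stopping ExaBGP from upstart, this sketch uses ExaBGP's process API, where a helper run by ExaBGP prints announce/withdraw commands on stdout, and requires several consecutive dig results before changing state so that one lost query does not flap the route. The prefix, server address, query name and thresholds are assumptions.

```python
#!/usr/bin/env python3
"""Health-check helper for ExaBGP's process API (added example)."""
import subprocess
import time

PREFIX = "192.0.2.53/32"   # assumption: anycast service address (documentation range)
SERVER = "127.0.0.1"       # assumption: the local DNS server to probe
QNAME = "example.com"      # assumption: a zone this server answers for
RISE, FALL = 3, 2          # consecutive successes/failures needed to change state


def probe(server=SERVER, qname=QNAME):
    """Return True if dig gets a non-empty SOA answer from the server."""
    cmd = ["dig", "+time=1", "+tries=1", "+short", "@" + server, qname, "SOA"]
    try:
        out = subprocess.run(cmd, capture_output=True, text=True, timeout=5)
    except (OSError, subprocess.TimeoutExpired):
        return False
    # SERVFAIL/REFUSED give exit 0 but no answer; a timeout gives non-zero exit.
    return out.returncode == 0 and bool(out.stdout.strip())


def decide(results, rise=RISE, fall=FALL, prefix=PREFIX):
    """Turn a stream of probe results into ExaBGP announce/withdraw commands.

    Starts withdrawn; a state change needs `rise` successes or `fall`
    failures in a row.
    """
    up, streak = False, 0
    for ok in results:
        # Count only results that disagree with the current state.
        streak = streak + 1 if ok != up else 0
        if not up and streak >= rise:
            up, streak = True, 0
            yield f"announce route {prefix} next-hop self"
        elif up and streak >= fall:
            up, streak = False, 0
            yield f"withdraw route {prefix} next-hop self"


def probes(interval=5):
    """Endless stream of live probe results."""
    while True:
        yield probe()
        time.sleep(interval)


if __name__ == "__main__":
    for command in decide(probes()):
        print(command, flush=True)   # ExaBGP reads commands from our stdout
```

A remote monitor is still needed alongside this: the helper only sees the server from the inside and cannot tell whether the announced route is actually reachable.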

