* [gentoo-server] Failover-capable DNS server?
@ 2011-11-21 9:52 Pandu Poluan
From: Pandu Poluan @ 2011-11-21 9:52 UTC (permalink / raw
To: Gentoo-server
Hello all, I'm in need of some suggestions.
You see, I have 2 Internet connections with public IP addresses, let's
say ISP A 11.22.33.44 and ISP B 22.33.44.66
Now, for outside parties trying to connect to "target.example.com", I
want it by default to resolve to 11.22.33.44, but if ISP A's connection
goes down for any reason, the DNS server will instead return "22.33.44.66".
The nameserver itself will be located in the company, accessible from
the world via "ns1.example.com" = 11.22.33.44:53 or "ns2.example.com"
= 22.33.44.66:53. This allows the nameserver to monitor the state of
the connections to ISP A and ISP B.
I've been perusing pages discussing BIND, and came to the conclusion
that BIND is incapable of doing that.
Can anyone recommend me a DNS server that has such capability? Or how
to implement this ability with maybe Python or (*shivers*) Perl?
Rgds,
--
FdS Pandu E Poluan
~ IT Optimizer ~
• LOPSA Member #15248
• Blog : http://pepoluan.tumblr.com
• Linked-In : http://id.linkedin.com/in/pepoluan
* Re: [gentoo-server] Failover-capable DNS server?
From: Jos Houtman @ 2011-11-21 10:02 UTC (permalink / raw
To: gentoo-server
Hi,
Why don't you create a short lived (say 5 minutes) A record for
target.example.com.
Under normal circumstances both ns1 and ns2 will return 11.22.33.44
You can then create a script that monitors the internet connection of isp A.
If that is down, it will update the A records for target.example.com to the
secondary IP address.
Because your A record has a short timeout, downstream clients should pick
up the new ip address relatively quickly.
However, you have to be aware that some ISPs ignore such short-lived A
records and cache the resolved address for a longer period of time.
Depending on your internet connection, I might consider offloading this
burden to a hosting company.
Jos
On Mon, Nov 21, 2011 at 10:52 AM, Pandu Poluan <pandu@poluan.info> wrote:
> Hello all, I'm in need of some suggestions.
>
> You see, I have 2 Internet connections with public IP addresses, let's
> say ISP A 11.22.33.44 and ISP B 22.33.44.66
>
> Now, I want outside parties trying to connect to "target.example.com"
> by default resolves to 11.22.33.44, but if ISP A's connection goes
> down for any reason, the DNS server will instead return "22.33.44.66".
>
> The nameserver itself will be located in the company, accessible from
> the world via "ns1.example.com" = 11.22.33.44:53 or "ns2.example.com"
> = 22.33.44.66:53. This allows the nameserver to monitor the state of
> the connections to ISP A and ISP B.
>
> I've been perusing pages discussing BIND, and came to the conclusion
> that BIND is incapable of doing that.
>
> Can anyone recommend me a DNS server that has such capability? Or how
> to implement this ability with maybe Python or (*shivers*) Perl?
>
> Rgds,
> --
> FdS Pandu E Poluan
> ~ IT Optimizer ~
>
> • LOPSA Member #15248
> • Blog : http://pepoluan.tumblr.com
> • Linked-In : http://id.linkedin.com/in/pepoluan
>
>
* [gentoo-server] Re: Failover-capable DNS server?
From: Pandu Poluan @ 2011-11-21 10:03 UTC (permalink / raw
To: Gentoo-server
On Mon, Nov 21, 2011 at 16:52, Pandu Poluan <pandu@poluan.info> wrote:
> Hello all, I'm in need of some suggestions.
>
> You see, I have 2 Internet connections with public IP addresses, let's
> say ISP A 11.22.33.44 and ISP B 22.33.44.66
>
> Now, I want outside parties trying to connect to "target.example.com"
> by default resolves to 11.22.33.44, but if ISP A's connection goes
> down for any reason, the DNS server will instead return "22.33.44.66".
>
> The nameserver itself will be located in the company, accessible from
> the world via "ns1.example.com" = 11.22.33.44:53 or "ns2.example.com"
> = 22.33.44.66:53. This allows the nameserver to monitor the state of
> the connections to ISP A and ISP B.
>
> I've been perusing pages discussing BIND, and came to the conclusion
> that BIND is incapable of doing that.
>
> Can anyone recommend me a DNS server that has such capability? Or how
> to implement this ability with maybe Python or (*shivers*) Perl?
>
To illustrate further, here's the pseudo-language logic that I want to
implement:
if ( request == target1.example.com )
{
    if ( state("ISP A") == "up" )
    {
        return "target1.example.com = 11.22.33.44"
    }
    else
    {
        return "target1.example.com = 22.33.44.66"
    }
}

if ( request == target2.example.com )
{
    if ( state("ISP B") == "up" )
    {
        return "target2.example.com = 22.33.44.66"
    }
    else
    {
        return "target2.example.com = 11.22.33.44"
    }
}
So, as you can see, there are actually two targets, one defaults to
ISP A (unless ISP A is down, then it 'falls back' to ISP B), and the
other defaults to ISP B (unless ISP B is down, then it 'falls back' to
ISP A).
Rgds,
--
FdS Pandu E Poluan
~ IT Optimizer ~
• LOPSA Member #15248
• Blog : http://pepoluan.tumblr.com
• Linked-In : http://id.linkedin.com/in/pepoluan
* Re: [gentoo-server] Failover-capable DNS server?
From: Pandu Poluan @ 2011-11-21 10:16 UTC (permalink / raw
To: gentoo-server
On Mon, Nov 21, 2011 at 17:02, Jos Houtman <jos@hyves.nl> wrote:
> Hi,
> Why don't you create a short lived (say 5 minutes) A record for
> target.example.com.
> Under normal circumstances both ns1 and ns2 will return 11.22.33.44
>
Indeed, it must be short-lived.
> You can then create a script that monitors the internet connection of isp A.
> If that is down, it will update the A records for target.example.com to the
> secondary IP address.
Yes, but I'd like something more... elegant than having to mess up the
configuration and forcing the DNS server to reload.
That said, I just happened to find PowerDNS, whose "PipeBackend" looks
mighty interesting:
http://doc.powerdns.com/pipebackend-dynamic-resolution.html
http://doc.powerdns.com/backends-detail.html#pipebackend
> Because your A record has a short timeout, downstream clients should pick up
> the new ip address relatively quickly.
> However, you have to be aware that some ISPs ignore such short-lived A records
> and cache the resolved address for a longer period of time.
>
I am aware of that. At least that won't be my fault ;-)
> Depending on your internet connection, I might consider offloading this
> burden to a hosting company.
>
The BoD will clamor for my neck if, after incessantly harassing them to
approve my request for cloud hosting (among others, to implement an
authoritative nameserver), I suddenly do an about-face and request
3rd-party DNS hosting ;-)
Rgds,
--
FdS Pandu E Poluan
~ IT Optimizer ~
• LOPSA Member #15248
• Blog : http://pepoluan.tumblr.com
• Linked-In : http://id.linkedin.com/in/pepoluan
* Re: [gentoo-server] Re: Failover-capable DNS server?
From: Kalin KOZHUHAROV @ 2011-11-21 10:20 UTC (permalink / raw
To: gentoo-server
On Mon, Nov 21, 2011 at 19:03, Pandu Poluan <pandu@poluan.info> wrote:
> On Mon, Nov 21, 2011 at 16:52, Pandu Poluan <pandu@poluan.info> wrote:
>> Hello all, I'm in need of some suggestions.
>>
>> You see, I have 2 Internet connections with public IP addresses, let's
>> say ISP A 11.22.33.44 and ISP B 22.33.44.66
>>
>> Now, I want outside parties trying to connect to "target.example.com"
>> by default resolves to 11.22.33.44, but if ISP A's connection goes
>> down for any reason, the DNS server will instead return "22.33.44.66".
>>
>> The nameserver itself will be located in the company, accessible from
>> the world via "ns1.example.com" = 11.22.33.44:53 or "ns2.example.com"
>> = 22.33.44.66:53. This allows the nameserver to monitor the state of
>> the connections to ISP A and ISP B.
>>
>> I've been perusing pages discussing BIND, and came to the conclusion
>> that BIND is incapable of doing that.
>>
>> Can anyone recommend me a DNS server that has such capability? Or how
>> to implement this ability with maybe Python or (*shivers*) Perl?
>>
>
> To illustrate further, here's the pseudo-language logic that I want to
> implement:
>
> if ( request == target1.example.com )
> {
>     if ( state("ISP A") == "up" )
>     {
>         return "target1.example.com = 11.22.33.44"
>     }
>     else
>     {
>         return "target1.example.com = 22.33.44.66"
>     }
> }
>
> if ( request == target2.example.com )
> {
>     if ( state("ISP B") == "up" )
>     {
>         return "target2.example.com = 22.33.44.66"
>     }
>     else
>     {
>         return "target2.example.com = 11.22.33.44"
>     }
> }
>
> So, as you can see, there are actually two targets, one defaults to
> ISP A (unless ISP A is down, then it 'falls back' to ISP B), and the
> other defaults to ISP B (unless ISP B is down, then it 'falls back' to
> ISP A).
>
Hello Pandu,
Even if you hack this somehow, do you want to check the link status on
each request?
Will you be able to handle say 10 requests per second? 100?
Of course you can implement some kind of caching (setting a flag of
the status and updating it every minute), but this will be the same as
having a short TTL for the A record.
Check http://cr.yp.to/djbdns.html; this is what I have used for the last 10(+?) years.
And no solution is available (at DNS level) against
mis-configured/-behaving DNS caches caching for longer than the
specified TTL.
Cheers,
Kalin.
* RE: [gentoo-server] Failover-capable DNS server?
From: Chris Firth @ 2011-11-21 10:20 UTC (permalink / raw
To: gentoo-server@lists.gentoo.org
Hi,
There may be a couple of problems depending on how instant you want the changes to be. With a low DNS TTL there are resolvers out there that ignore low TTLs, caching records for a longer period of time (there is a large Australian ISP that does this, for example). Another case is DNS pinning, although I am not sure how widely used it is.
If I was going to do this I personally would use a different failover method, e.g. BGP, or perhaps pointing the A record to a load-balancing type service where you can add/remove servers from a pool as you see fit (or automatically). This depends on the service though – every time I have configured something for high availability it has been to ensure that it can be accessed everywhere with no problems in a failure scenario, and DNS just isn't a reliable method for failing over to another location. In some cases it has worked out better offloading the hosting to someone else so they can take care of it, but it does depend on the budget (most highly available services have some sort of monetary motivation for going HA in the first place).
With that aside, maybe PowerDNS with a Lua-based backend could be suitable and you can script it to exactly your needs. I guess it could also be done out of a SQL database (e.g. just have a script that checks the server to see if it's up; if it is, then update the A record in the database). The SQL databases for PowerDNS don't require a reload for new/changed records, but they do get cached internally for a period of time.
Thanks,
Chris
-----Original Message-----
From: Pandu Poluan [mailto:pandu@poluan.info]
Sent: Monday, 21 November 2011 5:52 PM
To: Gentoo-server@lists.gentoo.org
Subject: [gentoo-server] Failover-capable DNS server?
Hello all, I'm in need of some suggestions.
You see, I have 2 Internet connections with public IP addresses, let's say ISP A 11.22.33.44 and ISP B 22.33.44.66
Now, I want outside parties trying to connect to "target.example.com"
by default resolves to 11.22.33.44, but if ISP A's connection goes down for any reason, the DNS server will instead return "22.33.44.66".
The nameserver itself will be located in the company, accessible from the world via "ns1.example.com" = 11.22.33.44:53 or "ns2.example.com"
= 22.33.44.66:53. This allows the nameserver to monitor the state of the connections to ISP A and ISP B.
I've been perusing pages discussing BIND, and came to the conclusion that BIND is incapable of doing that.
Can anyone recommend me a DNS server that has such capability? Or how to implement this ability with maybe Python or (*shivers*) Perl?
Rgds,
--
FdS Pandu E Poluan
~ IT Optimizer ~
• LOPSA Member #15248
• Blog : http://pepoluan.tumblr.com
• Linked-In : http://id.linkedin.com/in/pepoluan
* Re: [gentoo-server] Re: Failover-capable DNS server?
From: Christian Parpart @ 2011-11-21 10:32 UTC (permalink / raw
To: gentoo-server
Hey,
did you consider using BGP [1]? Reading your requirements, it seems like you're
not doing this for home; that said, two business uplinks supporting BGP
should be affordable for a company (not THAT expensive, I went into this once,
too).
OTOH, if basic A-record switching does the thing for you, I'd recommend
using a very low TTL for your record (can go even down to 1 second as
minimum) and install some uptime script that does exactly the check another
poster already replied :)
So long,
Christian Parpart.
[1] http://en.wikipedia.org/wiki/Border_Gateway_Protocol
On Mon, Nov 21, 2011 at 11:03 AM, Pandu Poluan <pandu@poluan.info> wrote:
> On Mon, Nov 21, 2011 at 16:52, Pandu Poluan <pandu@poluan.info> wrote:
> > Hello all, I'm in need of some suggestions.
> >
> > You see, I have 2 Internet connections with public IP addresses, let's
> > say ISP A 11.22.33.44 and ISP B 22.33.44.66
> >
> > Now, I want outside parties trying to connect to "target.example.com"
> > by default resolves to 11.22.33.44, but if ISP A's connection goes
> > down for any reason, the DNS server will instead return "22.33.44.66".
> >
> > The nameserver itself will be located in the company, accessible from
> > the world via "ns1.example.com" = 11.22.33.44:53 or "ns2.example.com"
> > = 22.33.44.66:53. This allows the nameserver to monitor the state of
> > the connections to ISP A and ISP B.
> >
> > I've been perusing pages discussing BIND, and came to the conclusion
> > that BIND is incapable of doing that.
> >
> > Anyone can recommend me a DNS server that has such capability? Or how
> > to implement this ability with maybe Python or (*shivers*) Perl?
> >
>
> To illustrate further, here's the pseudo-language logic that I want to
> implement:
>
> if ( request == target1.example.com )
> {
>     if ( state("ISP A") == "up" )
>     {
>         return "target1.example.com = 11.22.33.44"
>     }
>     else
>     {
>         return "target1.example.com = 22.33.44.66"
>     }
> }
>
> if ( request == target2.example.com )
> {
>     if ( state("ISP B") == "up" )
>     {
>         return "target2.example.com = 22.33.44.66"
>     }
>     else
>     {
>         return "target2.example.com = 11.22.33.44"
>     }
> }
>
> So, as you can see, there are actually two targets, one defaults to
> ISP A (unless ISP A is down, then it 'falls back' to ISP B), and the
> other defaults to ISP B (unless ISP B is down, then it 'falls back' to
> ISP A).
>
> Rgds,
> --
> FdS Pandu E Poluan
> ~ IT Optimizer ~
>
> • LOPSA Member #15248
> • Blog : http://pepoluan.tumblr.com
> • Linked-In : http://id.linkedin.com/in/pepoluan
>
>
* Re: [gentoo-server] Failover-capable DNS server?
From: Alan Hodgson @ 2011-11-21 17:16 UTC (permalink / raw
To: gentoo-server
On Monday 21 November 2011 01:52:09 Pandu Poluan wrote:
> Can anyone recommend me a DNS server that has such capability? Or how
> to implement this ability with maybe Python or (*shivers*) Perl?
You can write a pipe backend for PowerDNS to do this sort of thing. The
protocol to talk to PowerDNS is quite simple.
* Re: [gentoo-server] Failover-capable DNS server?
From: Pandu Poluan @ 2011-11-21 17:39 UTC (permalink / raw
To: gentoo-server
On Nov 22, 2011 12:19 AM, "Alan Hodgson" <ahodgson@simkin.ca> wrote:
>
> On Monday 21 November 2011 01:52:09 Pandu Poluan wrote:
> > Can anyone recommend me a DNS server that has such capability? Or how
> > to implement this ability with maybe Python or (*shivers*) Perl?
>
> You can write a pipe backend for PowerDNS to do this sort of thing. The
> protocol to talk to PowerDNS is quite simple.
>
At first glance, I agree. Using PowerDNS instead of BIND also would
introduce a necessary "genetic variety" to my nameservers.
One question, though: Is PowerDNS really good? Performance-wise,
security-wise, or whatever-wise? Any 'gotcha's I need to be aware of?
Rgds,
* Re: [gentoo-server] Failover-capable DNS server?
From: Alan Hodgson @ 2011-11-21 18:19 UTC (permalink / raw
To: gentoo-server
On Monday 21 November 2011 09:39:02 Pandu Poluan wrote:
> One question, though: Is PowerDNS really good? Performance-wise,
> security-wise, or whatever-wise? Any 'gotcha's I need to be aware of?
>
It's fast and reliable. It hasn't had frequent security issues, although it's
no tinydns. I've run it for years under reasonably heavy load (several
thousand queries per second) without any problems.
Gotchas - major version upgrades seem to take a while to shake out the bugs.
And there are some legacy oddities around CNAMEs due to a past history of
combining recursive functions with the authoritative server. With the pipe
backend you need to be really careful in your script to only serve the records
you think you're serving. Nothing too serious, imo.
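As an added example (not code from this thread, and not PowerDNS's own code), here is a Python pipe backend speaking the PowerDNS pipe protocol ABI version 1 that Alan refers to: it implements Pandu's two-target failover logic, caches link state between probes instead of checking on every query (Kalin's concern), and answers only the names it is meant to serve (the gotcha above), returning an empty answer for anything else. The probe function, hostnames, TTL and refresh interval are assumptions.

```python
#!/usr/bin/env python3
"""PowerDNS pipe backend (ABI version 1) with two-target failover.

Protocol (one line per message, tab separated):
  PowerDNS -> backend:  HELO\t1          then  Q\tqname\tqclass\tqtype\tid\tremote-ip
  backend -> PowerDNS:  OK\tbanner       then  DATA\tqname\tqclass\tqtype\tttl\tid\tcontent ... END
PowerDNS normally asks the backend for ANY and filters the answer itself.
"""
import sys
import time

ISP_A = "11.22.33.44"
ISP_B = "22.33.44.66"
TTL = 60            # short TTL so resolvers re-ask soon after a failover
STATE_REFRESH = 60  # seconds between link probes; state is cached in between

# The only names this backend will ever answer. Each maps to the ISP whose
# uplink it prefers, the primary address and the fallback address.
TARGETS = {
    "target1.example.com": ("ISP A", ISP_A, ISP_B),
    "target2.example.com": ("ISP B", ISP_B, ISP_A),
}


class LinkState:
    """Caches per-ISP up/down status; probe() runs at most once per refresh interval."""

    def __init__(self, probe, refresh=STATE_REFRESH, clock=time.monotonic):
        self.probe = probe        # probe(isp_name) -> bool, supplied by the caller
        self.refresh = refresh
        self.clock = clock
        self.status = {}
        self.checked = -float("inf")

    def is_up(self, isp):
        now = self.clock()
        if now - self.checked >= self.refresh:
            self.status = {name: self.probe(name) for name in ("ISP A", "ISP B")}
            self.checked = now
        return self.status.get(isp, False)   # unknown ISP counts as down


def choose_address(qname, state):
    """Return the address to serve for qname, or None if the name is not ours."""
    entry = TARGETS.get(qname.lower().rstrip("."))
    if entry is None:
        return None
    isp, primary, fallback = entry
    return primary if state.is_up(isp) else fallback


def handle_line(line, state):
    """Process one protocol line from PowerDNS and return the reply lines."""
    fields = line.rstrip("\n").split("\t")
    if fields[0] == "HELO":
        return ["OK\tfailover pipe backend"] if fields[1:] == ["1"] else ["FAIL"]
    if fields[0] != "Q" or len(fields) < 6:
        return ["FAIL"]          # unknown or malformed line: never guess an answer
    _, qname, qclass, qtype, qid, _remote = fields[:6]
    addr = choose_address(qname, state)
    if addr is None or qclass != "IN" or qtype not in ("A", "ANY"):
        return ["END"]           # not a record we own: empty answer, nothing leaks
    return ["DATA\t%s\t%s\tA\t%d\t%s\t%s" % (qname, qclass, TTL, qid, addr), "END"]


def main():
    # A real deployment would probe each uplink (e.g. ping a host through it);
    # this constructed probe simply reports both ISPs up.
    state = LinkState(probe=lambda isp: True)
    for line in sys.stdin:
        for reply in handle_line(line, state):
            sys.stdout.write(reply + "\n")
        sys.stdout.flush()


if __name__ == "__main__":
    main()
```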
* RES: [gentoo-server] Failover-capable DNS server?
From: Eduardo Schoedler @ 2011-11-21 18:32 UTC (permalink / raw
To: gentoo-server
Yes, PowerDNS and MaraDNS are good.
You can write some scripts with heartbeatd to change the response of your DNS... and change the TTL to 5 minutes or less.
--
Eduardo Schoedler
From: Pandu Poluan [mailto:pandu@poluan.info]
Sent: Monday, 21 November 2011 15:39
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] Failover-capable DNS server?
On Nov 22, 2011 12:19 AM, "Alan Hodgson" <ahodgson@simkin.ca> wrote:
>
> On Monday 21 November 2011 01:52:09 Pandu Poluan wrote:
> > Can anyone recommend me a DNS server that has such capability? Or how
> > to implement this ability with maybe Python or (*shivers*) Perl?
>
> You can write a pipe backend for PowerDNS to do this sort of thing. The
> protocol to talk to PowerDNS is quite simple.
>
At first glance, I agree. Using PowerDNS instead of BIND also would introduce a necessary "genetic variety" to my nameservers.
One question, though: Is PowerDNS really good? Performance-wise, security-wise, or whatever-wise? Any 'gotcha's I need to be aware of?
Rgds,
* Re: RES: [gentoo-server] Failover-capable DNS server?
From: Pandu Poluan @ 2011-11-22 1:19 UTC (permalink / raw
To: gentoo-server
On Nov 22, 2011 1:34 AM, "Eduardo Schoedler" <listas@esds.com.br> wrote:
>
> Yes, PowerDNS and MaraDNS are good.
>
I like MaraDNS. It's light, fast, and secure. But I have 2 problems with it:
1. It's static. If I need to change a zone definition I must restart the
service. I know, that'll take less than a couple of seconds, but I don't
like it. (Yeah, I'm anal like that :-P )
2. I couldn't really figure out Deadwood. AFAIK Gentoo has no Deadwood
package, and I need Deadwood to solve "dangling CNAME" problems [1].
[1] http://www.maradns.org/tutorial/dangling.html
> You can write some scripts with heartbeatd to change the response of your
> DNS... and change the TTL to 5 minutes or less.
>
Yes. With PowerDNS, I think I will run a nohup-ed script that 'wakes up'
every couple of minutes, does some ping tests, and updates pdns' MySQL
database.
Rgds,
* Re: [gentoo-server] Failover-capable DNS server?
From: Norman Rieß @ 2011-11-22 6:15 UTC (permalink / raw
To: gentoo-server
On 11/21/11 10:52, Pandu Poluan wrote:
> Hello all, I'm in need of some suggestions.
>
> You see, I have 2 Internet connections with public IP addresses, let's
> say ISP A 11.22.33.44 and ISP B 22.33.44.66
>
> Now, I want outside parties trying to connect to "target.example.com"
> by default resolves to 11.22.33.44, but if ISP A's connection goes
> down for any reason, the DNS server will instead return "22.33.44.66".
>
> The nameserver itself will be located in the company, accessible from
> the world via "ns1.example.com" = 11.22.33.44:53 or "ns2.example.com"
> = 22.33.44.66:53. This allows the nameserver to monitor the state of
> the connections to ISP A and ISP B.
>
> I've been perusing pages discussing BIND, and came to the conclusion
> that BIND is incapable of doing that.
>
> Can anyone recommend me a DNS server that has such capability? Or how
> to implement this ability with maybe Python or (*shivers*) Perl?
>
> Rgds,
Hello,
you could use another way, by switching the IP address of the DNS server
with Heartbeat accordingly. Say you have a server with IP A and another
with IP B. You can tell Heartbeat to switch an IP C as second IP between
these servers. So if Server 1 is master, it has IP A and C. If it goes
down, Server 2 will bring IP C up and become master. IP C will be your ns
DNS record obviously.
You can avoid split-brains when a network component between these
machines goes down by wiring them crossover on a second NIC.
Even safer would be a STONITH device, which kills the whole machine if
one of the servers is reachable and answers to ping but is doing crap.
A client-side way would be a resolv.conf looking like this:
nameserver 11.22.33.44
nameserver 22.33.44.66
options timeout:1
search your.domain
regards,
Norman
* Re: [gentoo-server] Failover-capable DNS server?
From: Pandu Poluan @ 2011-11-22 6:48 UTC (permalink / raw
To: gentoo-server
On Nov 22, 2011 1:18 PM, "Norman Rieß" <norman@smash-net.org> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 11/21/11 10:52, Pandu Poluan wrote:
> > Hello all, I'm in need of some suggestions.
> >
> > You see, I have 2 Internet connections with public IP addresses, let's
> > say ISP A 11.22.33.44 and ISP B 22.33.44.66
> >
> > Now, I want outside parties trying to connect to "target.example.com"
> > by default resolves to 11.22.33.44, but if ISP A's connection goes
> > down for any reason, the DNS server will instead return "22.33.44.66".
> >
> > The nameserver itself will be located in the company, accessible from
> > the world via "ns1.example.com" = 11.22.33.44:53 or "ns2.example.com"
> > = 22.33.44.66:53. This allows the nameserver to monitor the state of
> > the connections to ISP A and ISP B.
> >
> > I've been perusing pages discussing BIND, and came to the conclusion
> > that BIND is incapable of doing that.
> >
> > Can anyone recommend me a DNS server that has such capability? Or how
> > to implement this ability with maybe Python or (*shivers*) Perl?
> >
> > Rgds,
>
>
> Hello,
>
> you could use another way, by switching the IP address of the DNS server
> with Heartbeat accordingly. Say you have a server with IP A and another
> with IP B. You can tell Heartbeat to switch an IP C as second IP between
> these servers. So if Server 1 is master, it has IP A and C. If it goes
> down, Server 2 will bring IP C up and become master. IP C will be your ns
> DNS record obviously.
> You can avoid split-brains when a network component between these
> machines goes down by wiring them crossover on a second NIC.
> Even safer would be a STONITH device, which kills the whole machine if
> one of the servers is reachable and answers to ping but is doing crap.
>
> A client-side way would be a resolv.conf looking like this:
>
> nameserver 11.22.33.44
> nameserver 22.33.44.66
> options timeout:1
> search your.domain
>
Although interesting, your suggestion does not fit my need.
It's not the servers going down that I'm monitoring against, but the
incoming connections. If one connection goes down, the DNS server is still
running in the DMZ, so a heartbeat will not help.
Rgds,