On Nov 22, 2011 1:18 PM, "Norman Rieß" wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 11/21/11 10:52, Pandu Poluan wrote: > > Hello all, I'm in need of some suggestions. > > > > You see, I have 2 Internet connections with public IP addresses, let's > > say ISP A 11.22.33.44 and ISP B 22.33.44.66 > > > > Now, I want outside parties trying to connect to "target.example.com" > > by default resolves to 11.22.33.44, but if ISP A's connection goes > > down for any reason, the DNS server will instead return "22.33.44.66". > > > > The nameserver itself will be located in the company, accessible from > > the world via "ns1.example.com" = 11.22.33.44:53 or "ns2.example.com" > > = 22.33.44.66:53. This allows the nameserver to monitor the state of > > the connections to ISP A and ISP B. > > > > I've been perusing pages discussing BIND, and came to the conclusion > > that BIND is incapable of doing that. > > > > Anyone can recommend me a DNS server that has such capability? Or how > > to implement this ability with maybe Python or (*shivers*) Perl? > > > > Rgds, > > > Hello, > > you could use another way, by switching the IP address of the DNS server > with Heartbeat acordingly. Say you have a server with IP A and another > with IP B. You can tell heartbeat to switch an IP C as second IP between > these servers. So if Server 1 ist master, it has IP A and C. If it goes > down, Server 2 will bring IP C up and become master. IP C will be you ns > dns record obviously. > You can avoid splitbrains when a network component between these > machines goes down by wiering them crossover on a second NIC. > Even saver would be a STONITH device, which kills the whole machine if > one of the servers is reachable and answers to ping but is doing crap. > > A client side way would be a resolve.conf looking like this: > > nameserver 11.22.33.44 > nameserver 22.33.44.66 > options timeout:1 > search your.domain > Although interesting, your suggestion does not fit my need. It's not the servers going down that I'm monitoring against, but the incoming connections. If one connection goes down, the DNS server is still running in the DMZ, so a heartbeat will not help. Rgds,