From: Kalin KOZHUHAROV <kalin@thinrope.net>
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] Re: Failover-capable DNS server?
Date: Mon, 21 Nov 2011 19:20:29 +0900
Message-ID: <CAKXLc7dSYVQWnNfx+Vr-w_aVcB0Sv=ZqD7_spGQVJgFfg6_2fQ@mail.gmail.com>
In-Reply-To: <CAA2qdGUb1RvFoqDh5EwH78DJwoY+RkYwZe=NWiy+ROKq66f6GQ@mail.gmail.com>
On Mon, Nov 21, 2011 at 19:03, Pandu Poluan <pandu@poluan.info> wrote:
> On Mon, Nov 21, 2011 at 16:52, Pandu Poluan <pandu@poluan.info> wrote:
>> Hello all, I'm in need of some suggestions.
>>
>> You see, I have 2 Internet connections with public IP addresses, let's
>> say ISP A 11.22.33.44 and ISP B 22.33.44.66
>>
>> Now, I want outside parties trying to connect to "target.example.com"
>> to resolve by default to 11.22.33.44, but if ISP A's connection goes
>> down for any reason, the DNS server will instead return "22.33.44.66".
>>
>> The nameserver itself will be located in the company, accessible from
>> the world via "ns1.example.com" = 11.22.33.44:53 or "ns2.example.com"
>> = 22.33.44.66:53. This allows the nameserver to monitor the state of
>> the connections to ISP A and ISP B.
>>
>> I've been perusing pages discussing BIND, and came to the conclusion
>> that BIND is incapable of doing that.
>>
>> Can anyone recommend a DNS server that has such a capability? Or how
>> to implement this ability with maybe Python or (*shivers*) Perl?
>>
>
> To illustrate further, here's the pseudo-language logic that I want to
> implement:
>
> if ( request == target1.example.com )
> {
>     if ( state("ISP A") == "up" )
>     {
>         return "target1.example.com = 11.22.33.44"
>     }
>     else
>     {
>         return "target1.example.com = 22.33.44.66"
>     }
> }
>
> if ( request == target2.example.com )
> {
>     if ( state("ISP B") == "up" )
>     {
>         return "target2.example.com = 22.33.44.66"
>     }
>     else
>     {
>         return "target2.example.com = 11.22.33.44"
>     }
> }
>
> So, as you can see, there are actually two targets, one defaults to
> ISP A (unless ISP A is down, then it 'falls back' to ISP B), and the
> other defaults to ISP B (unless ISP B is down, then it 'falls back' to
> ISP A).
>
Hello Pandu,
Even if you hack this somehow, do you want to check the link status on
each request?
Will you be able to handle, say, 10 requests per second? 100?
Of course you can implement some kind of caching (setting a flag of
the status and updating it every minute), but this will be the same as
having a short TTL for the A record.
Check http://cr.yp.to/djbdns.html; this is what I have used for the last 10(+?) years.
And no solution is available (at DNS level) against
mis-configured/-behaving DNS caches caching for longer than the
specified TTL.
Cheers,
Kalin.
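
The cached-flag approach discussed in this message, as an added example that is not part of the original thread or of djbdns: link state is kept as a flag updated by a periodic probe, and the two A records are regenerated with a short TTL in tinydns-data `+fqdn:ip:ttl` format. Assumptions: the probe result is supplied by the caller, the 60-second TTL and the three-probe threshold are illustrative values, and the names `LinkMonitor` and `render` are hypothetical.

```python
from dataclasses import dataclass, field

TTL = 60  # assumed value; short so caches that honour TTL re-query soon after failover

# Addresses and target names are the ones used in the quoted post.
ADDR = {"ISP A": "11.22.33.44", "ISP B": "22.33.44.66"}
TARGETS = {  # fqdn -> (preferred link, fallback link)
    "target1.example.com": ("ISP A", "ISP B"),
    "target2.example.com": ("ISP B", "ISP A"),
}

@dataclass
class LinkMonitor:
    """Cached up/down flag per link. The flag flips only after `threshold`
    consecutive probe results that disagree with it, so a single lost
    probe does not make the published records flap."""
    threshold: int = 3
    up: dict = field(default_factory=lambda: {name: True for name in ADDR})
    streak: dict = field(default_factory=lambda: {name: 0 for name in ADDR})

    def observe(self, link: str, probe_ok: bool) -> bool:
        if probe_ok == self.up[link]:
            self.streak[link] = 0          # result agrees with the flag
        else:
            self.streak[link] += 1
            if self.streak[link] >= self.threshold:
                self.up[link] = probe_ok   # enough evidence: flip the flag
                self.streak[link] = 0
        return self.up[link]

def render(up: dict, ttl: int = TTL) -> str:
    """Return tinydns-data '+fqdn:ip:ttl' lines for the cached link state."""
    lines = []
    for fqdn, (preferred, fallback) in TARGETS.items():
        # Fall back only when the preferred link is down AND the fallback is
        # up; with both down, keep the default instead of churning the data.
        use = fallback if (not up[preferred] and up[fallback]) else preferred
        lines.append(f"+{fqdn}:{ADDR[use]}:{ttl}")
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    mon = LinkMonitor()
    for ok in (False, False, False):       # constructed probe results for ISP A
        mon.observe("ISP A", ok)
    print(render(mon.up), end="")
```

The DNS server never probes anything per request: a periodic job calls `observe`, and the data file is rewritten only when the rendered text changes.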