LinuxQuestions.org
Old 02-18-2007, 11:36 PM   #1
meema
LQ Newbie
 
Registered: Feb 2007
Posts: 5

Rep: Reputation: 0
setup primary,secondary dns records webmin


Hello,

How can I configure the DNS server using Webmin to have primary and secondary DNS records, such that if the primary web server is down, the secondary DNS record will point to the secondary web server and the service won't be affected?

Thanks
 
Old 02-19-2007, 12:26 AM   #2
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
That is not something that can be done with DNS alone. DNS has no way to check and prioritize servers. Actually it can prioritize, but there isn't a browser client in the world that checks for these records at present.

Your options to do something like this include:

Look into the linux-ha project at http://linux-ha.org/ . It is an open-source way to build a cluster of webservers.

A tougher way to do what you want with the machines you already have would be a step by step check, something like this:

1) Install a network monitor tool like nagios (http://nagios.org ) , have it check the primary and secondary webservers. If the primary check fails, it should execute a script on the primary DNS server that loads a new zonefile for your domain that only has the secondary webserver. This will require some shell scripting to alter the zonefile, or call on a secondary file from somewhere, and restart BIND with the new configs.

2) This will NOT work for all the people who are "already" or "recently" looking at your site. If they have asked for the A record for your site, they will keep that record for as long as the TTL is. Until that TTL expires, they will still try to look at the site at the address of the server that is down. To combat this, you'll want a really low TTL (like 60 seconds or less), but that will cause a ton of lookups on your DNS servers, so if bandwidth or load is already a problem for you, that won't help any.

The fact that you're using webmin makes me think you are staying away from the command line, and to accomplish what you want here, that just won't work. You've got to get dirty with the code to make something like what you want (99.99% uptime) happen.

Peace,
JimBass
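
An added example, not part of JimBass's post: a sketch of the script a monitor's event handler could call for steps 1 and 2 above, regenerating the zone with a 60-second TTL and validating it with `named-checkzone` before `rndc reload`. The zone name, file path, addresses (documentation ranges) and function names are all assumptions.

```shell
#!/bin/sh
# Added example; every name, path and address here is an assumption.
ZONE="example.com"
ZONE_FILE="/etc/bind/db.example.com"   # assumed location of the zone file
PRIMARY_IP="192.0.2.10"                # constructed sample addresses
SECONDARY_IP="198.51.100.20"
TTL=60                                 # low TTL so cached answers expire quickly

# Succeeds if the web server at $1 answers HTTP within 5 seconds.
web_up() {
    curl --silent --fail --max-time 5 --output /dev/null "http://$1/"
}

# Print a complete zone whose www record points at $1, with SOA serial $2.
render_zone() {
    cat <<EOF
\$TTL $TTL
@   IN SOA ns1.$ZONE. hostmaster.$ZONE. ( $2 3600 600 604800 $TTL )
    IN NS  ns1.$ZONE.
    IN NS  ns2.$ZONE.
ns1 IN A   192.0.2.53
ns2 IN A   198.51.100.53
www IN A   $1
EOF
}

# Address to publish: the primary while it is healthy, otherwise the secondary.
choose_ip() {
    if web_up "$PRIMARY_IP"; then echo "$PRIMARY_IP"; else echo "$SECONDARY_IP"; fi
}

# Rewrite the zone only when the target changes; never load an invalid zone.
apply_failover() {
    ip=$(choose_ip)
    grep -qxF "www IN A   $ip" "$ZONE_FILE" 2>/dev/null && return 0
    tmp=$(mktemp) || return 1
    # The serial must increase on every change; epoch seconds is one way.
    render_zone "$ip" "$(date +%s)" > "$tmp"
    named-checkzone "$ZONE" "$tmp" >/dev/null &&
        cat "$tmp" > "$ZONE_FILE" && rndc reload "$ZONE"
    status=$?
    rm -f "$tmp"
    return $status
}

if [ "${1:-}" = "--apply" ]; then apply_failover; fi
```

Run it with `--apply` from the monitor on each state change; because it also switches back when the primary recovers, the same call handles both directions.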
 
Old 02-19-2007, 01:03 AM   #3
meema
LQ Newbie
 
Registered: Feb 2007
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks Jim Bass, I'll try your suggestion.

Actually I prefer the command line, but in the past I tried to solve some problems with the command line and found out that I could have done that using Webmin very easily.
 
Old 02-19-2007, 04:35 PM   #4
fukawi2
Member
 
Registered: Oct 2006
Location: Melbourne, Australia
Distribution: ArchLinux, ArchServer, Fedora, CentOS
Posts: 448

Rep: Reputation: 34
Code:
[phillips@karratha ~]$ dig www.google.com.au
;; ANSWER SECTION:
www.google.com.au.      93818   IN      CNAME   www.google.com.
www.google.com.         266613  IN      CNAME   www.l.google.com.
www.l.google.com.       258     IN      A       66.102.7.104
www.l.google.com.       258     IN      A       66.102.7.147
www.l.google.com.       258     IN      A       66.102.7.99
[phillips@karratha ~]$
Can anyone tell us how Google does it...?
 
Old 02-19-2007, 04:50 PM   #5
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
Sure, they round robin the A records. You can have many A records for the main site. Which one your browser selects is picked at random from that list.

All you have to do is list multiple addresses, something like
Code:
7200    IN      A       45.56.67.78
7200    IN      A       23.45.67.89
7200    IN      A       12.34.56.78
Peace,
JimBass
 
Old 02-19-2007, 05:03 PM   #6
fukawi2
Member
 
Registered: Oct 2006
Location: Melbourne, Australia
Distribution: ArchLinux, ArchServer, Fedora, CentOS
Posts: 448

Rep: Reputation: 34
Wouldn't that achieve what meema is attempting to do...?
 
Old 02-19-2007, 05:29 PM   #7
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
Not quite. It does allow failover to happen, but it doesn't keep the servers in a primary/secondary role. With 2 A records for your domain, you should (in a perfect world) see 50% of your traffic go to the first IP, and the other 50% go to the second. You can't use it like a mail exchanger, where you can set priorities on which one to use. If you have a situation like unequal bandwidth, you don't want an even split of traffic between them.

It basically doesn't allow a primary secondary relationship, it makes everything equal.

Also in reality, many browsers don't respect the multiple A records, and automatically take the first record given. If you could see google's stats for the 3 addresses you found when you asked for google.com.au, you'd see the first record returned gets probably 70% of the traffic I would guess.

Peace,
JimBass
 
Old 02-19-2007, 06:02 PM   #8
fukawi2
Member
 
Registered: Oct 2006
Location: Melbourne, Australia
Distribution: ArchLinux, ArchServer, Fedora, CentOS
Posts: 448

Rep: Reputation: 34
Fair enough - thanks JimBass...

Basically a very crude method to achieve something close to the desired result.
 
Old 02-21-2007, 08:31 AM   #9
meema
LQ Newbie
 
Registered: Feb 2007
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks all...

What if the two servers were in different networks, i.e. we deal with public IP addresses?
 
Old 02-21-2007, 09:28 AM   #10
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
DNS servers are supposed to be in different public networks. It is suggested that any public DNS servers for a domain be in 2 different public class C networks.

If you were talking about the web servers addresses, that also is fine. You can return any valid IP address in the world for your domain.

Peace,
JimBass
 
  


All times are GMT -5. The time now is 05:46 PM.
