
DNS BIND Failover Setup (High Availability)


Kaushal Shriyan

Sep 14, 2012, 7:37:28 AM
to bind-...@lists.isc.org
Hi,

Can someone please point me to setup High Availability BIND DNS Server
on CentOS Linux version 5.8?

Regards,

Kaushal

Chuck Swiger

Sep 14, 2012, 12:50:58 PM
to Kaushal Shriyan, bind-...@lists.isc.org
On Sep 14, 2012, at 4:37 AM, Kaushal Shriyan wrote:
> Can someone please point me to setup High Availability BIND DNS Server
> on CentOS Linux version 5.8?

Sure; read the fine BIND ARM:

http://www.isc.org/software/bind/documentation

Set up and register as many nameservers for your domains as you find useful
considering # of datacenters available, per-DC replication, etc. to meet your HA goals.

Regards,
--
-Chuck

Kaushal Shriyan

Sep 14, 2012, 7:36:37 PM
to Chuck Swiger, bind-...@lists.isc.org
Hi Chuck,

Thanks for the reply. Basically I am setting up Internal DNS Server
within the same DC. Will Master Slave Replication suit the need?
and any step by step guide and what all security aspects need to be taken care.

Regards,

Kaushal

Chuck Swiger

Sep 14, 2012, 7:50:16 PM
to Kaushal Shriyan, bind-...@lists.isc.org
On Sep 14, 2012, at 4:36 PM, Kaushal Shriyan wrote:
> Thanks for the reply. Basically I am setting up Internal DNS Server
> within the same DC. Will Master Slave Replication suit the need?

Yes. (Oh, there are other ways of doing replication, but AXFR works fine.)

> and any step by step guide and what all security aspects need to be taken care.

Why don't you read the fine docs and let us know if you run into a specific problem?

Regards,
--
-Chuck

david t. klein

Sep 29, 2012, 10:01:05 AM
to Kaushal Shriyan, bind-...@lists.isc.org

A month and a half late, but what you can do is:


- Hidden master, owns the zones but is not advertised, except in SOA
- Zones are dynamic, you learn to make updates with NSUPDATE, pointed at the master
- CRON job in the master to freeze-backup-thaw the zones as often as your backup policy says
- Multiple slaves learn the zones from the master via XFR
- The slaves listen on a loopback address, which is the same address in every slave
- Each slave runs a routing daemon and advertises the loopback address as a specific /32 or /128 to his upstream router
- All clients are configured with the IP Anycast address, and you have NS record for the IP Anycast address
- You run a monitoring script in each slave, so that if NAMED stops being available or stops giving sensible/correct answers, then the script:
  - sends a "KILL -9" to NAMED
  - withdraws the route from the routing daemon
  - downs the loopback virtual interface
  - sends you an email/page/rings an alarm


Really, many people have solved this, in much the same way. It is almost a
standard pattern.


--
david t. klein

Cisco Certified Network Associate (CSCO11281885)
Linux Professional Institute Certification (LPI000165615)
Redhat Certified Engineer (805009745938860)

Quis custodiet ipsos custodes?
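
The monitoring step from the list above, sketched as an added example (not part of the original message and not the poster's script). The canary record, the addresses, the `lo:0` alias, the alert address and the use of `service bgpd stop` (Quagga) to withdraw the route are all assumptions.

```shell
#!/bin/sh
# Added example: health check for one anycast slave. All values below are assumptions.
ANYCAST_IP="${ANYCAST_IP:-192.0.2.53}"          # constructed anycast service address
CHECK_NAME="${CHECK_NAME:-canary.example.com}"  # constructed record with a known answer
EXPECTED="${EXPECTED:-192.0.2.10}"              # constructed expected A record
LOOP_IF="${LOOP_IF:-lo:0}"                      # assumed loopback alias holding ANYCAST_IP
ROUTE_STOP="${ROUTE_STOP:-service bgpd stop}"   # assumed routing daemon (Quagga bgpd)
ALERT_TO="${ALERT_TO:-dns-oncall@example.com}"  # constructed alert address
DIG="${DIG:-dig}"
DRY_RUN="${DRY_RUN:-1}"                         # 1 = only print the actions

# Query the local named through the anycast address, as a client would.
query_named() {
    $DIG +short +time=2 +tries=1 @"$ANYCAST_IP" "$CHECK_NAME" A 2>/dev/null
}

# Healthy only if named answers at all AND the answer is the expected one,
# which covers both "not available" and "not sensible/correct".
named_healthy() {
    answer=$(query_named) || return 1
    [ "$answer" = "$EXPECTED" ]
}

# Run a command, or print it when DRY_RUN=1.
act() {
    if [ "$DRY_RUN" = 1 ]; then echo "would run: $*"; else "$@"; fi
}

# The four failure actions, in the order the list gives them.
fail_out() {
    act pkill -9 -x named
    act $ROUTE_STOP            # unquoted on purpose: command plus arguments
    act ifdown "$LOOP_IF"
    act sh -c "echo 'named failed health check on $(hostname)' | mail -s 'DNS anycast node withdrawn' $ALERT_TO"
}

check_once() {
    if named_healthy; then return 0; fi
    fail_out
    return 1
}

# Called with "run" (e.g. from cron) it performs one check; otherwise it only defines functions.
if [ "${1:-}" = "run" ]; then check_once; fi
```

With `DRY_RUN=0` the actions are executed instead of printed, so the script then needs root on the slave.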



