[dns-operations] Monitoring anycast nodes for automatic route withdrawal
Joe Abley
jabley at hopcount.ca
Wed Aug 4 21:29:07 UTC 2010
On 2010-08-04, at 15:52, Chris Marlatt wrote:
> In our setups we use FreeBSD and the disc interface driver. This permits
> us to keep the anycast'ed address(es) on a virtual interface allowing
> up/down'ing of the interface itself to facilitate route withdrawals
> while keeping management to the nameserver itself unaffected by anything
> a script is going to be executing.
Another way of doing this is to clone a loopback interface (e.g. ifconfig lo1 create) and bind the anycast service addresses to that. That loopback can then be ifconfig'd up/down to trigger the appropriate routing protocol action.
This was the kind of thing I proposed in ISC-TN-2004-1, e.g. see <http://ftp.isc.org/isc/pubs/tn/isc-tn-2004-1.html#appx.WrapperScript>. The health checks proposed in that wrapper script were, basically, "if BIND9 is happy enough with itself that it hasn't dumped core yet, then we are probably good". This built on the fact that BIND9 is riddled with assertions, and is generally pretty good at killing itself if its routine navel-contemplation suggests anything is weird.
Joe
More information about the dns-operations
mailing list