[dns-operations] Multi-master setups
Anand Buddhdev
anandb at ripe.net
Fri May 17 14:53:09 UTC 2013
Dear DNS folk,
I'm thinking about multi-master setups to add some resiliency to our DNS
infrastructure.
In our specific case we have a distribution server which slaves several
zones from various different parties. They also send notify messages to
this server. Once it transfers a zone, it sends notify messages to our
public-facing DNS cluster, and they all transfer the zone from it.
Obviously, this single distribution server is a single point of failure,
and I'd like to get rid of it.
The simplest solution is to add a second server to our infrastructure,
with an identical zone configuration, so that it is also a slave for all
the same zones. It would also transfer zones directly from the masters,
and provide AXFR/IXFR to our cluster.
Adding a second distribution server has management overhead though. We
have several hundred masters, and even after contacting all of them, we
will never have a 100% clean setup where the master allows zone
transfers for both our distribution servers. So if I want to ensure that
both our distribution servers hold identical copies of zones, then I
would ideally want them to notify each other, and pull zones off each
other as well. Do any of you do this?
Aside from this idea, are there any other clever ideas people have
implemented?
Regards,
Anand Buddhdev
More information about the dns-operations
mailing list