
Re: [cobalt-users] Swapping IP addresses on 2 raqs to improve DNS setup



Peter wrote:

> I am trying to add some redundancy by improving my DNS setup now I have
> 2 raqs.  I have read other postings on setting up master and slaves but
> none answer this particular question.
> 
> I have 2 raqs and I would like each raq to act as both a Master/Primary
> Nameserver and a slave/secondary.  At the moment each raq provides
> primary and secondary nameservers which I know isn't the best.

Let's do it the easy way:

I presume you've already got primary records for all the domains on raqA
in DNS hosted on raqA.

And the primary records for all the domains on raqB in DNS hosted on
raqB.

So the easiest way to go from here is to add secondary records for all
the domains on raqB to the DNS on raqA, and secondary records for all
the domains on raqA to the DNS on raqB.

> Currently I have 4 nameservers set up as follows:
> On raqA:
> ns.domain1.com XXX.XXX.XXX.1  (primary)
> ns2.domain1.com XXX.XXX.XXX.2 (secondary)
> 
> Both these IPs are assigned to RaqA
> 
> On raqB:
> ns.domain2.com XXX.XXX.XXX.3  (primary)
> ns2.domain2.com XXX.XXX.XXX.4 (secondary)

Then swap the IP# for ns2.domain1.com with the IP# for ns2.domain2.com
(you do that both in DNS records, and at your registrar).

> All IPs on both raqs are on the same network.

They'll still be on the same network, but you've just given yourself a
lot of redundancy.

> Now unfortunately I have registered a lot of domains with either the
> domain1 or domain2 nameservers so I need to preserve all of these as I
> don't want to change the registrar records for all these domains.
> 
> I was hoping to set it up so that one raq acts as master for
> ns.domain1.com and slave for ns2.domain2.com and vice versa.
> 
> I think what's needed is:
> 1. Swap assignment of XXX.XXX.XXX.2 and XXX.XXX.XXX.4 so they are on
> opposite boxes

You can swap the IP#s or the assignments with your registrar (as I noted
above); whichever is easier for you.

> 2. Enter in DNS Parameters > Server Settings > Zone Transfer Access,
> the IP address of each corresponding slave

Sounds good.

> Is this correct? Do I need to do anything else? How does the slave know
> it is a slave? Do I need to add secondary name service for each domain
> or does the slave automatically get updated?

By adding those secondary records I mentioned.

> I am also planning to add a 3rd nameserver outside of this network.  Do
> I simply add this IP into the zone transfer access list?

And be sure to add the secondary records to it as well.

Be sure to keep the secondary records updated on all three systems.

An easier way to do it might be to do all your DNS manually on one
server, then use a cron file to every hour (for example) copy the
"/etc/named/records" file to a web-available directory.

Then, also hourly (but at a staggered time), configure the two servers
you want used as slaves to wget those files to overwrite their own
/etc/named/records file, and to restart their nameserver.

Many ISPs do it this way; it makes it a lot easier to synchronise the
servers.

It doesn't matter how you duplicate the records, whether you do it with
the "master/slave" method built into bind, or by any other method, and
it doesn't matter which nameserver you call ns1 and which you call ns2,
or ns3, your resolver will always query all the nameservers it knows
about, and keep records from the fastest one.

> Obviously I don't want to lose any service for my customers so I want to
> be sure of the process before anything happens.

Like flying, DNS isn't inherently dangerous; it's just terribly
unforgiving of mistakes.  We've done it for lots of clients, literally
tens of thousands of domains.  You can do it, too <smile>.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net, P. O. Box 52672, Riverside, CA  92517
voice: +1 909 778-9980  *  fax: +1 909 548-9484
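
Added example, not part of the original message: a slave-side script for the hourly cron/wget sync described above, which replaces /etc/named/records only when the download is complete and restarts the nameserver only when the file actually changed. The records.sha256 file, SRC_URL and RELOAD_CMD are assumptions and placeholders, not anything from the post.

```shell
#!/bin/sh
# Added example: slave-side step for the hourly cron/wget sync.
# Assumptions (not in the original post): the master also publishes
# "records.sha256" beside "records"; SRC_URL and RELOAD_CMD are placeholders.
SRC_URL=${SRC_URL:-http://master.example/dns}      # hypothetical URL
DEST=${DEST:-/etc/named/records}                   # path named in the post
RELOAD_CMD=${RELOAD_CMD:-"echo RESTART-NAMESERVER-PLACEHOLDER"}

sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"
    else shasum -a 256 "$1"; fi | cut -d' ' -f1
}

# verify_and_install NEW SUMFILE DEST
# Returns 0 = installed, 1 = rejected (DEST untouched), 2 = unchanged.
verify_and_install() {
    new=$1 sumfile=$2 dest=$3
    [ -s "$new" ] || return 1                  # empty or missing download
    [ -r "$sumfile" ] || return 1
    want=$(cut -d' ' -f1 "$sumfile")
    got=$(sha256_of "$new")
    [ -n "$want" ] && [ "$want" = "$got" ] || return 1   # truncated/corrupt
    if [ -f "$dest" ] && cmp -s "$new" "$dest"; then return 2; fi
    # Copy to a temp file in the same directory, then rename, so the
    # nameserver never reads a half-written file.
    cp "$new" "$dest.new.$$" && mv "$dest.new.$$" "$dest"
}

sync_records() {
    tmp=$(mktemp -d) || return 1
    rc=1
    if wget -q -O "$tmp/records" "$SRC_URL/records" &&
       wget -q -O "$tmp/records.sha256" "$SRC_URL/records.sha256"; then
        rc=0
        verify_and_install "$tmp/records" "$tmp/records.sha256" "$DEST" || rc=$?
    fi
    rm -rf "$tmp"
    [ "$rc" -eq 0 ] && $RELOAD_CMD             # restart only after a real change
    [ "$rc" -ne 1 ]                            # non-zero exit lets cron mail the failure
}

# Cron would invoke this script with --run; sourcing it only defines the functions.
case "${1:-}" in --run) sync_records ;; esac
```

A checksum published on the same web server catches truncated or corrupted transfers only; it does not authenticate the master.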