4

Note: This is a follow-up to my previous question regarding DNS Failover.

The Goal: to make the client's web browser select the next available server if one is down instantly.

I've read somewhere that multiple A records (while not the best solution) is the only "instant failover" solution possible for HTTP/browser-based applications.

Here's the scenario/example:

I have two servers, A and B, which contain exactly the same content. The IP addresses of server A are 1.1.1.1 and 1.1.1.2. The IP addresses of server B are 2.2.2.1 and 2.2.2.2. I have a domain registered at Godaddy. If I want to make use of DNS round robin, which method is best?

Method 1: Do I set my nameserver entries at Godaddy like this?

  1. ns1.serverA.com
  2. ns2.serverA.com
  3. ns1.serverB.com
  4. ns2.serverB.com

Method 2: Or do I make Godaddy as my nameserver and add A Records like this:

  1. A @ 1.1.1.1
  2. A @ 1.1.1.2
  3. A @ 2.2.2.1
  4. A @ 2.2.2.2

My question is, will DNS round robin work with either of the two methods? If not then what's the best method to achieve the goal?

IMB

4 Answers

8

The Goal: to make the client's web browser select the next available server if one is down instantly.

That's generally done by introducing a 3rd server, called a load balancer. The load balancer:

  1. Directs traffic to the 2 web servers.
  2. Monitors the health of the 2 web servers.
  3. Switches traffic to the remaining web server if one fails.

The load balancer itself can be made highly available by using 2 load balancers (LB), i.e. at least 4 servers (2 LB's, 2 webapp servers) in total. However, many smaller shops run with just one load balancer, because they are relatively simpler systems, and will often be very reliable.

Method 1: Do I set my nameserver entries at Godaddy like this? 1. ns1.serverA.com 2. ns2.serverA.com 3. ns1.serverB.com 4. ns2.serverB.com

Absolutely not. The name servers are only used for resolving the IP addresses of the web servers. Keep the name servers for the domain to your registrar/DNS host (GoDaddy) defaults.

Method 2: Or do I make Godaddy as my nameserver and add A Records like this: 1. A @ 1.1.1.1 2. A @ 1.1.1.2 3. A @ 2.2.2.1 4. A @ 2.2.2.2

When DNS Round Robin (DNS RR) is used as part of a high-end failover / high availability setup, then the IP addresses the DNS RR points to are highly available. In other words, each IP address is a virtual IP handled by 2 devices. As a pure high availability solution, without highly available server IPs, DNS RR doesn't work too well. The basic problem is that some clients may continue to use the 'dead' IP address; you're relying on the client doing 'the right thing', and not all clients do. Using a real HTTP load balancer is better.

That said, many small websites use DNS RR for load distribution only with good results. It's all about your expectations I guess.

In the DNS RR case, having 2 IP addresses per physical server gives you nothing, only extra complexity. So just use one IP for each server, in your notation:

A @ 1.1.1.1
A @ 2.2.2.1
2

You would usually go for the "A record" approach. You can control TTLs too on the A records which some ICANN registrars might ignore on the NS records.

Round Robin DNS is great but beware some browsers (older IEs for example) can cache records for too long so if one of your Web Servers fails and you drop its IP from the published DNS then you might still get a few visitors going to that IP (a pretty small percentage all the same but enough to get a complaint or two). It's very good for load balancing though.

jscott
Jonathan Ross
  • Since Windows XP SP2, I think that Internet Explorer tries another IP-address if the first IP-address is unreachable. – Jonas Mar 28 '11 at 08:59
2

What you describe as method 1 breaks DNS and provides no failover. DNS records should also have an authoritative source - there cannot be two conflicting authoritative sources (but there can be multiple copies of the same conf).

symcbean
2

I don't think that your suggestions will fully implement what you're hoping to do.

The A-record approach you've documented will provide all of those IP-addresses as suitable for fetching your content from, so a user's web-browser is free to use any of them. If indeed the particular server that gets chosen is down, then the user's browser may choose to try a different IP-address, but it won't be anywhere near instant.

I'm also dubious about listing multiple IPs for a single server. Suppose that server A is down; if my browser attempts to connect to 1.1.1.1, then (after a timeout) attempts to connect to 1.1.1.2 then I'll be waiting even longer for content to arrive.

If you truly want reliable fast-failover between web-servers you'll probably want to look into something like HAProxy.

EDIT: Specifically, you'll want a pair of boxes running HAProxy with a "floating" IP-address shared between them. You then run something like Heartbeat on those boxes so that if one of them fails, the other will detect it and automatically take over the "floating" IP-address. Finally, you point your one A-record to the floating-IP (which always points at one or other of the HAProxy instances).

You'll probably find the Stack Overflow Network Configuration interesting/informative.

nickgrim
  • But won't using HAProxy alone still depend on TTLs, and therefore result in the browser waiting to know the next server IP until the cache expires? If that's the case then it will be longer than simply having multiple A records. Perhaps a combination of both HAProxy + multiple A records is the best approach? – IMB Mar 28 '11 at 18:05
  • I've updated my answer to clarify HAProxy's role. – nickgrim Mar 29 '11 at 08:42
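
What "relying on the client to try the next address" looks like in practice, as an added example that is not part of the original thread: a client that walks a list of addresses in order and records what each attempt cost. The function names and the loopback endpoints in `demo()` are assumptions constructed for this illustration.

```python
import socket
import time


def connect_with_fallback(endpoints, timeout=3.0):
    """Try each (host, port) in order, like a client walking several A records.

    Returns (sock, attempts). attempts holds (endpoint, outcome, seconds) per
    try; sock is None when every endpoint failed.
    """
    attempts = []
    for endpoint in endpoints:
        started = time.monotonic()
        try:
            sock = socket.create_connection(endpoint, timeout=timeout)
        except OSError as exc:
            # A refused connection fails fast; a silently dropped one costs
            # the full timeout before the next address is tried.
            outcome = "timeout" if isinstance(exc, socket.timeout) else "failed"
            attempts.append((endpoint, outcome, time.monotonic() - started))
            continue
        attempts.append((endpoint, "connected", time.monotonic() - started))
        return sock, attempts
    return None, attempts


def demo():
    """Constructed scenario on loopback: first endpoint dead, second live."""
    live = socket.socket()
    live.bind(("127.0.0.1", 0))
    live.listen(1)
    dead = socket.socket()
    dead.bind(("127.0.0.1", 0))  # bound but never listening: connects are refused
    endpoints = [dead.getsockname(), live.getsockname()]
    sock, attempts = connect_with_fallback(endpoints, timeout=1.0)
    connected_to = sock.getpeername() if sock else None
    for s in (sock, live, dead):
        if s:
            s.close()
    return connected_to, attempts


if __name__ == "__main__":
    target, log = demo()
    for endpoint, outcome, seconds in log:
        print(f"{endpoint[0]}:{endpoint[1]} {outcome} after {seconds:.3f}s")
    print("served by", target)
```

Against a host that drops packets instead of refusing them, every dead address in the list costs the full `timeout` before the next one is tried, which is why listing two IPs for the same failed server doubles the wait.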