I'm designing a business continuity plan. The company's website uses two internally-hosted servers at two different datacenters to provide name resolution. I've been asked to add a third WHOIS record hosted at UltraDNS or DynDNS, for "DR purposes". I.e.

ns1.company.com ns2.company.com NS1.ultradns.com

My question: What will happen if both of my internally-hosted DNS servers fail, and clients attempt to look up "company.com"? Will the client hang, time out, and then move on to the next? Is it entirely round-robin? Haven't been able to determine this from Googling, and wanted some backup.

Tad
  • Because DNS is so critical, rather than answer your question I will instead suggest that you take some time to learn just how DNS works. That will not only help you with your current question but many more in the future as well. – John Gardeniers Nov 10 '11 at 22:44

3 Answers


You want to host an A record and NS records, most likely, not a WHOIS record. If one server in the authoritative name server list is unresponsive, another server in the list will be queried. It will likely slow resolution down a bit, but won't break it.

That being said, you seem to have a bit of a misunderstanding about some basic terminology and functionality. You should read the relevant DNS RFCs and go from there before you attempt to implement anything.

MDMarra

Initially, lookups will fail over to your ultra.com DNS. Depending on the TTL of your records, your DNS will eventually fail. This will happen whenever your primary DNS server is down for an excessive length of time.

Given that your sites are likely down, it is unlikely DNS will be useful for much other than indicating that email should be deliverable. It is possible you may have other sites listed in DNS and they would be reachable. However, if you had three sites it would make more sense to add the third site as your third DNS site.

With your current configuration, if one site is down, all DNS will be handled by the other. If the site with your primary DNS is down, you will need to reconfigure the other to become primary. As @MarkM noted, you should review the DNS RFCs. They provide a lot of the answers you are looking for.

BillThor
  • What is all this talk about TTL and reconfiguring the other to become primary? If you mean that secondaries will cease to answer, it's not TTL, it's in the SOA, and a sane way to configure it is a very long time, much longer than any possible outage. – Sandman4 Nov 11 '11 at 07:33

(My answer is about hosting a zone - that's what you seem to need, not a WHOIS record)

See #312459, look for the answer by "Server Horror", I find it excellent.

In short, what is intended to happen is sometimes longer delays. But what may also happen is a client time-out before it receives the answer, and thus the user will see a message about being unable to resolve the hostname.

The higher your TTLs, the less your users will be affected - resolvers eventually do get an answer and then they will cache it for a longer time.

Anyway, it's a good idea to have more servers (and that is what the RFCs suggest too), yet it's still a good idea to have reliable servers.

Btw, why just ns1.ultradns.com, why not ns2, ns3 and so on - don't they have many? Actually, the more the better. (The root has 13, for example.)

Sandman4
  • Thanks for that. Yes, I was a bit bleary when I wrote this, definitely did not mean WHOIS record (whatever that would be) but you seem to get the gist of what I'm after. What I couldn't find in the DNS RFCs or in Cricket's book as yet is how resolvers approach the list of name servers and what they do when they hit one that does not respond, and I think I have my answer above - they will time out, and use another one - hopefully before DNS times out. – Tad Nov 12 '11 at 12:02
  • Unfortunately for me, cranking the TTLs doesn't help, as there are load balancers there which use DNS to load-balance & fail over, and thus require a very low TTL to work. I think my solution in this case will be to front the internal-hosted DNS with UltraDNS or Dyn, and just CNAME back to our load balancers. That way, in the event of total failure, DNS can be rapidly re-pointed to a DR or Business Continuity site. – Tad Nov 12 '11 at 12:05
  • If so, why not just host it completely on UltraDNS? – Sandman4 Nov 12 '11 at 19:13
  • There are some load-balancing and failover scenarios that the F5 Global Traffic Managers can handle better than Dyn or Ultra, so we can't abandon that entirely. – Tad Nov 14 '11 at 17:06
  • But how are you going to mix GTM and Dyn? Half of your queries will go one way and half another way? How will you load-balance and fail over those that arrive at Dyn? – Sandman4 Nov 14 '11 at 20:20
  • Relatively simply. Currently, gtm1.company.com and gtm2.company.com (in two different datacenters) serve DNS for the company.com site, giving out the IP for datacenter1.company.com or datacenter2.company.com depending on LB strategy. I could front company.com at Dyn, and CNAME that to something like company.net - which will be NS'ed to our GTM load balancers. Should then allow for normal operation, but in the event of total failure, allow us to immediately switch the company.com CNAME to an alternate location. – Tad Nov 15 '11 at 21:11
  • Why do you need that CNAME? Just change NS. For example, have Dyn already set, pointing to your DR business continuity, and when both your GTMs fail, change NS to Dyn servers. – Sandman4 Nov 16 '11 at 15:02
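
The failure case discussed in this thread (both in-house name servers down, only the hosted one answering) can be modelled offline; this is an added example, not code from any of the posters. It assumes a simplified resolver that tries the listed servers one at a time in a uniformly random order, waits a fixed per-server timeout on a silent server, and serves a client that gives up after a fixed deadline. The timeout, deadline and RTT values are constructed, and real resolvers also track which servers respond and come to prefer them.

```python
from itertools import permutations

# NS set from the question; the outage has taken out both in-house servers.
SERVERS = ("ns1.company.com", "ns2.company.com", "NS1.ultradns.com")
UP = {"NS1.ultradns.com"}
RTT = {"NS1.ultradns.com": 0.03}   # seconds, constructed value


def lookup_latency(order, up, rtt, per_server_timeout):
    """Seconds until the first answer when servers are tried in `order`.

    Returns None when every listed server is down.
    """
    waited = 0.0
    for ns in order:
        if ns in up:
            return waited + rtt[ns]
        waited += per_server_timeout   # silent server: wait out the timeout
    return None


def failure_fraction(servers, up, rtt, per_server_timeout, client_deadline):
    """Share of equally likely try-orders where the client gives up first."""
    orders = list(permutations(servers))
    failed = 0
    for order in orders:
        latency = lookup_latency(order, up, rtt, per_server_timeout)
        if latency is None or latency > client_deadline:
            failed += 1
    return failed / len(orders)


if __name__ == "__main__":
    for timeout in (2.0, 3.0):     # assumed resolver per-server timeouts
        share = failure_fraction(SERVERS, UP, RTT, timeout, client_deadline=5.0)
        print(f"per-server timeout {timeout}s: {share:.0%} of cold lookups fail")
```

Only lookups that miss the resolver's cache pay this cost, which is why the low TTLs mentioned in the comments make the outage more visible to users.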