How do nameservers "failover"?

Question

How do nameservers do failover? What decides the order in which nameservers are queried when the primary nameserver is not reachable?

To illustrate, here's part of my zonefile:

$TTL 3m;
site.com.       IN      SOA     ns1.sitese.com. admin.site.com. (
                   2007010403           ; Serial
                         1800           ; Refresh [1h=3600] 1800=30m
                          600           ; Retry   [10m]
                        86400           ; Expire  [2weeks] 86400=1day
                          180 )         ; Negative Cache TTL [1h]
;
site.com.      IN     NS      ns1.sitese.com.
site.com.      IN     NS      ns2.sitese.com.
site.com.      IN     NS      ns3.sitese.com.   
ns1.sitese.com.  IN     A       199.168.35.23
ns2.sitese.com.  IN     A       38.124.113.106
ns3.sitese.com.  IN     A       38.128.98.213

Obviously the primary nameserver is ns1.sitese.com as it is listed in the SOA record. But which one becomes the secondary nameserver if the primary is unreachable? Is it ns2, or ns3? What decides the order in which secondary nameservers are queried? Is it the order in which they appear in the zonefile? Is it something else?

score 4 · Accepted Answer · answered Jun 14 '13 at 10:51

4

AFAIK the order in which NSs are queried is up to the client. Even if your primary is up, a client can elect to query the secondary, if it feels so inclined.

From a client standpoint, all RRs returned by either the secondary or primary NSs are equivalent as all of them are marked as authoritative.

answered Jun 14 '13 at 10:51

Alien Life Form

2,279
2
21
31

So the SOA record isnt important as far as nameservers are concerned? – Joel G Mathew Jun 14 '13 at 10:54
1

the NS in the SOA is "the (FQD)name of any NS that replies authritatively for the zone". What the client decides to do with that info is up to them. But, because it is a name, it needs to be resolved at some pint, and if it is in the same zone, the client needs to go to the NS records... the other stuff in SOA (serial etc.) is obviously all very important. – Alien Life Form Jun 14 '13 at 10:58
Could you tell me the source of the quote, so I may read up? – Joel G Mathew Jun 14 '13 at 11:06
RFC1035, or here:http://www.zytrax.com/books/dns/ch8/soa.html – Alien Life Form Jun 14 '13 at 11:09
"primary/secondary" is mostly relevant only to the party handling the nameservers, it has no bearing outside and for all users of those nameservers. – Patrick Mevzek Oct 02 '20 at 19:32

score 2 · Answer 2 · answered Jun 14 '13 at 10:49

How do nameservers do failover?

They do not.

What decides the order in which nameservers are queried when the primary nameserver is not reachable?

Downstream servers just select one. If that does not answer another one. I am not sure there is a definitive spec how those are selected - so at the end, that is an implementation detail.

How do nameservers "failover"?

2 Answers2