2

I have a Win 2k8 server that hosts multiple IIS apps that are under one domain, example.com. The need for a second server has increased and I will need to get more servers to host my apps.

On my server, I have a *.example.com bound Default Website that does a simple redirect and several subdomains that have different purposes, such as foo.example.com. What will happen if I add the same configuration to another server (different apps, different subdomains)? Is DNS smart enough to somehow route queries for the right subdomains to the right server?

So, I would go from:

SERVER1 (203.0.113.1)
    - Default: *.example.com
    - App1: app.example.com
    - App2: foo.example.com
    - App3: bar.example.com

TO:

SERVER1 (203.0.113.1)
    - Default: *.example.com
    - App1: app.example.com
    - App2: foo.example.com
    - App3: bar.example.com
SERVER2 (203.0.113.2)
    - Default: *.example.com
    - App4: baz.example.com
    - App5: qux.example.com

Is this possible? Do I need some special configuration or will this work automagically?

Joel Peltonen

2 Answers

4

You'll need to add another DNS record for *.example.com that resolves to SERVER2's IP address.

If you currently have the following Host record in the example.com DNS zone:

```
*.example.com     [some TTL]   IN   A    203.0.113.1
```

Simply copy it, and change the value in the new record to 203.0.113.1 so you have:

```
*.example.com     [some TTL]   IN   A    203.0.113.1
*.example.com     [some TTL]   IN   A    203.0.113.2
```

Make sure that Round-Robin is enabled on the DNS server (virtually any hosting provider enables round-robin).

Mathias R. Jessen
  • In that case, if a request comes in for `baz.example.com` - how will the request know to be forwarded to .2? I would guess that it would query .1, then move to .2 if the subdomain is not found but .1 will answer with HTTP 302, so won't that look like the query was successful so there is no need to ask .2? I can accept that it does work, but I'm just curious as to how it works. – Joel Peltonen Sep 09 '14 at 11:34
  • Oh, you don't have records in place for the existing apps? In that case you'd probably end up with redirect loops on roughly every 2nd client. You'd need a load balancer in front, or proxy requests back and forth with something like [ARR](http://www.iis.net/downloads/microsoft/application-request-routing) – Mathias R. Jessen Sep 09 '14 at 11:36
  • This is called poor man's load balancing. The DNS server will return the A records in random order, and the client will pick one and go to that. If one of the servers is down, 50% of your inbound requests will fail. – Doon Sep 09 '14 at 11:37
  • Depending on the browser, the requests may simply take a loooong time on the first request, but yes, this *is* a poor substitute for proper load balancing – Mathias R. Jessen Sep 09 '14 at 11:39
  • I was afraid of something like that. Yeah, I don't have records for the subdomains - they are added and removed quite haphazardly with very short notice at times. I guess I'll have to look at load balancing because I don't want to do trickery with ARR if I can in any way avoid it :). Thank you! – Joel Peltonen Sep 09 '14 at 11:49
1

If each of your apps lives on 1 and only 1 web server, then you do not need to include web server in DNS. Just create records as needed.

```
server1 IN A 203.0.113.1
server2 IN A 203.0.113.2

*.example.com   IN CNAME SERVER1
app.example.com IN CNAME SERVER1
foo.example.com IN CNAME SERVER1
bar.example.com IN CNAME SERVER1
baz.example.com IN CNAME SERVER2
qux.example.com IN CNAME SERVER2
```

If you really wanted to, you could make *.example.com point to SERVER2 as well, and just make sure that you had your content for the default site on both servers. But as long as you don't have the same app running on multiple servers, there is no need to send the wildcard everywhere. Is the goal here redundancy, or just dealing with load? If you have a wildcard SSL certificate, you can install that on all the servers to cover every application.

Doon
  • The point is to add and remove subdomains very quickly without touching the A records at all. I don't have the subdomains added as A records and I want to keep it that way unfortunately. – Joel Peltonen Sep 09 '14 at 11:48
  • 2
    Well, creating an A or CNAME takes about as long as creating a website/host headers in IIS, and both can be scripted. Load balancers to a big cluster of machines that all serve everything are one solution to the problem, guess it depends on budget, since good load balancers generally speaking are not cheap. – Doon Sep 09 '14 at 11:56
  • Creating an A record seems to take quite a lot longer to be honest. I've had to wait 10 minutes for a record to become active - some DNS servers are quicker than others. So I can't reliably say when our clients can access the URLs - but still this is the way to go unfortunately - until we register a second top level domain ;) – Joel Peltonen Oct 16 '14 at 07:22
  • 2
    Client cache servers (unless they are doing some odd negative caching) should be pretty quick to pick up a new record. You could be looking at propagation delays between your primary and secondary authoritative servers. For example, you add it to NS1, and it takes a bit to get to ns2 (I don't know how many auth servers you have), but the client then asks for the URL and it hits ns2, which doesn't have the records yet. Does your NS infrastructure support NOTIFY for zone updates to propagate? Are they your NS servers, or are they hosted by someone else? – Doon Oct 16 '14 at 11:00
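
Added example (not written by any of the posters above): a small Python model of the two DNS layouts from the answers, reporting which app hostnames can resolve to a server that has no IIS binding for them and would therefore hit that server's Default redirect site. The record tuples and the `resolve` and `misrouted` helpers are constructed for illustration, and wildcard matching is simplified to a single label.

```python
# Constructed model of the question's servers: IP -> IIS host-header bindings.
BINDINGS = {
    "203.0.113.1": {"app.example.com", "foo.example.com", "bar.example.com"},
    "203.0.113.2": {"baz.example.com", "qux.example.com"},
}
# First answer: two wildcard A records, handed out round-robin.
ZONE_ROUND_ROBIN = [
    ("*.example.com", "A", "203.0.113.1"),
    ("*.example.com", "A", "203.0.113.2"),
]
# Second answer: one CNAME per app, wildcard kept only as a fallback.
ZONE_PER_APP = [
    ("server1.example.com", "A", "203.0.113.1"),
    ("server2.example.com", "A", "203.0.113.2"),
    ("*.example.com", "CNAME", "server1.example.com"),
    ("app.example.com", "CNAME", "server1.example.com"),
    ("foo.example.com", "CNAME", "server1.example.com"),
    ("bar.example.com", "CNAME", "server1.example.com"),
    ("baz.example.com", "CNAME", "server2.example.com"),
    ("qux.example.com", "CNAME", "server2.example.com"),
]

def resolve(zone, name, depth=0):
    """Return every address `name` may resolve to. An exact owner name
    beats the wildcard; CNAMEs are followed (bounded to avoid loops)."""
    if depth > 8:
        raise ValueError("CNAME chain too long")
    records = [r for r in zone if r[0] == name]
    if not records and "." in name:
        wildcard = "*." + name.split(".", 1)[1]
        records = [r for r in zone if r[0] == wildcard]
    addrs = set()
    for _, rtype, value in records:
        addrs |= {value} if rtype == "A" else resolve(zone, value, depth + 1)
    return addrs

def misrouted(zone):
    """Map each app hostname to the addresses it can land on that do NOT
    bind it, i.e. where the wildcard Default site would answer instead."""
    result = {}
    for host in sorted(set().union(*BINDINGS.values())):
        wrong = {ip for ip in resolve(zone, host)
                 if host not in BINDINGS.get(ip, set())}
        if wrong:
            result[host] = wrong
    return result

if __name__ == "__main__":
    print("round-robin wildcard:", misrouted(ZONE_ROUND_ROBIN))
    print("per-app CNAMEs:      ", misrouted(ZONE_PER_APP))
```

With the round-robin wildcard every app can land on the server that does not host it; with per-app records none can, and an unlisted name such as `new.example.com` still falls back to the wildcard target.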