[CentOS] High Availability using 2 sites

Thu Jan 5 14:13:03 UTC 2006
Todd Reed <treed at astate.edu>

I agree, BGP is important to route the IPs, but I've been exploring this
same option with a different thought.  I'd like to hear what others say
about this!

Here is my plan (although not implemented or tested) for Web Services.

At our main data center we have the primary DNS server and our primary web
server.  The remote location houses the secondary DNS server and our
secondary web server.  Also at that second location is a "hidden" master DNS
server.  Your registrar name records only point to the primary and
secondary; therefore, the internet knows nothing of the hidden master.
Then, the hidden master contains a similar set of DNS records that point to
the secondary site.  Here's the trick!  The secondary DNS server syncs with
the primary DNS server every x minutes.  If the secondary DNS server cannot
communicate with the primary DNS server, it then looks at the "hidden"
master DNS server and syncs the records (which is pointing at your secondary
site).  Then, when your data center site comes back up, the secondary tries
to communicate with the true master DNS server...it can...therefore it
updates its records.

That is the theory in a nutshell.  I've read that this is possible, but I
haven't had a chance to test it.

What do others think about this?  This is no substitution for BGP, but for
those that don't run BGP or need to re-route the IP networks, this may work.

--Todd



-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf
Of Bryan J. Smith
Sent: Thursday, January 05, 2006 12:22 AM
To: CentOS mailing list
Subject: Re: [CentOS] High Availability using 2 sites

Tim Edwards <tim at registriesltd.com.au> wrote:
> We currently have a backup site at a different location to
> our main site. This backup site mirrors (as closely as
> possible) our main services, particularly web serving.
> Is there a way to have the backup site act as a failover
> for the main site using something like Linux-HA? 
> They are on separate internet connections with different IP
> ranges.

Yes and no.

Yes in that you have a couple of options -- one common, one
pretty much a hack.

The common one is to have your own autonomous system number
and run BGP.  That way you control your IP assignments,
failover, etc... in ways that are efficient and quickly
propagated.

The hack is to put routers and/or 1-to-1 NAT devices at each
site, which can redirect traffic to the other site.  That is
less efficient and can cause some headaches.

No in the fact that there's really no "software" or "service"
facility to deal with this.  Round robin DNS does nothing to
solve this.  Name propagation is always an issue.

So it's something you can only address at the IP-level --
either by having your own, Internet-recognized autonomous
system number, or redirecting IPs from each site to the other
when servers/sites go down.

-- 
Bryan J. Smith     Professional, Technical Annoyance
b.j.smith at ieee.org      http://thebs413.blogspot.com
----------------------------------------------------
*** Speed doesn't kill, difference in speed does ***
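
Added example, not part of the original thread: a small model of the secondary DNS server's refresh cycle under the hidden-master plan described at the top of this message. It assumes the secondary transfers a zone only when the source's SOA serial is higher than its own copy (standard secondary behaviour); the class and function names are hypothetical, and the addresses and serials are constructed.

```python
from dataclasses import dataclass

@dataclass
class Zone:
    serial: int  # SOA serial number
    www: str     # A record for the web site

@dataclass
class Master:
    zone: Zone
    reachable: bool = True

def refresh(copy: Zone, primary: Master, hidden: Master) -> Zone:
    """One refresh cycle of the secondary, as the post describes it."""
    # Prefer the primary; fall back to the hidden master only when it is down.
    source = primary if primary.reachable else hidden
    if not source.reachable:
        return copy
    # Assumption: transfer only when the source's serial is newer.
    # (Plain integer compare; RFC 1982 wrap-around is ignored here.)
    if source.zone.serial > copy.serial:
        return Zone(source.zone.serial, source.zone.www)
    return copy

def run_outage(primary_serial: int, hidden_serial: int,
               bump_on_recovery: bool = False) -> list:
    """Return the address the secondary serves before, during and after an outage."""
    primary = Master(Zone(primary_serial, "192.0.2.10"))    # constructed main site
    hidden = Master(Zone(hidden_serial, "198.51.100.10"))   # constructed backup site
    copy = refresh(Zone(0, ""), primary, hidden)
    served = [copy.www]
    primary.reachable = False            # main data center goes down
    copy = refresh(copy, primary, hidden)
    served.append(copy.www)
    primary.reachable = True             # main data center returns
    if bump_on_recovery:
        primary.zone.serial = hidden.zone.serial + 1
    copy = refresh(copy, primary, hidden)
    served.append(copy.www)
    return served

if __name__ == "__main__":
    print(run_outage(2006010501, 2006010502))
    print(run_outage(2006010501, 2006010502, bump_on_recovery=True))
    print(run_outage(2006010502, 2006010501))
```

In this model the secondary switches to the backup site only if the hidden master's serial is ahead of the primary's, and it switches back only once the primary's serial has been raised past the hidden master's.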