I'm about to do an overhaul of the DNS service at work and my plan is to use powerdns recursor + dnsdist + keepalived. --- Sent from the Delta quadrant using Borg technology! On 2019-07-25 14:28, Leroy Tennison wrote: > If you don't want multiple DNS server entries on the client then a > master and (possibly multiple) slave server configuration can be set > up (I'm assuming ISC DNS - their solution to redundancy/failover is > master and slave servers, this may be the way it is with all DNS). > keepalived can be used for fail over and will present a single IP > address (which the clients would use) shared among the servers. > haproxy or alternatives might be another fail over option. Each > technology has its own learning curve (and doing this will require at > least two) and caveats. In particular systemd doesn't appear to play > well with technologies creating IP addresses it doesn't manage. The > version of keepalived we're using also has its own nasty quirk as well > where it comes up assuming it is master until discovered otherwise, > this is true even if it is configured as backup. In most cases this > is probably either a non-issue (no scripts being used) or a minor > annoyance. But if you're using scripts trigger > ed by keepalived which make significant (and possibly conflicting) > changes to the environment then you'll need to embed "intelligence" in > them to wait until final state is reached or test state before acting > or some other option. > > ________________________________ > From: CentOS <centos-bounces at centos.org> on behalf of hw <hw at gc-24.de> > Sent: Thursday, July 25, 2019 7:51:39 AM > To: centos at centos.org <centos at centos.org> > Subject: [EXTERNAL] [CentOS] how to increase DNS reliability? > > > Hi, > > how can DNS reliability, as experienced by clients on the LAN who are > sending queries, be increased? > > Would I have to set up some sort of cluster consisting of several > servers all providing DNS services which is reachable under a single > IP address known to the clients? > > Just setting up several name servers and making them known to the > clients > for the clients to automatically switch isn't a good solution because > the clients take their timeouts and users lacking even the most basic > knowledge inevitably panic when the first name server does not answer > queries. > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos > > Harriscomputer > > Register now for the dataVoice User Conference, > October 9-11 at the Gaylord Rockies in Denver, CO. > To register click Here<https://www.harriscomputer.com/en/events/> > > > Leroy Tennison > Network Information/Cyber Security Specialist > E: leroy at datavoiceint.com > > > [cid:Data-Voice-International-LOGO_aa3d1c6e-5cfb-451f-ba2c-af8059e69609.PNG] > > > 2220 Bush Dr > McKinney, Texas > 75070 > www.datavoiceint.com<http://www..com> > > > This message has been sent on behalf of a company that is part of the > Harris Operating Group of Constellation Software Inc. These companies > are listed here<http://subscribe.harriscomputer.com/>. > > If you prefer not to be contacted by Harris Operating Group please > notify us<http://subscribe.harriscomputer.com/>. > > > > This message is intended exclusively for the individual or entity to > which it is addressed. This communication may contain information that > is proprietary, privileged or confidential or otherwise legally exempt > from disclosure. If you are not the named addressee, you are not > authorized to read, print, retain, copy or disseminate this message or > any part of it. If you have received this message in error, please > notify the sender immediately by e-mail and delete all copies of the > message. > > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos