[CentOS] how to increase DNS reliability?

Thu Jul 25 13:28:39 UTC 2019
Leroy Tennison <leroy at datavoiceint.com>

If you don't want multiple DNS server entries on the client then a master and (possibly multiple) slave server configuration can be set up (I'm assuming ISC DNS - their solution to redundancy/failover is master and slave servers, this may be the way it is with all DNS).  keepalived can be used for fail over and will present a single IP address (which the clients would use) shared among the servers.  haproxy or alternatives might be another fail over option.  Each technology has its own learning curve (and doing this will require at least two) and caveats.  In particular systemd doesn't appear to play well with technologies creating IP addresses it doesn't manage.  The version of keepalived we're using also has its own nasty quirk as well where it comes up assuming it is master until discovered otherwise, this is true even if it is configured as backup.  In most cases this is probably either a non-issue (no scripts being used) or a minor annoyance.  But if you're using scripts triggered by keepalived which make significant (and possibly conflicting) changes to the environment then you'll need to embed "intelligence" in them to wait until final state is reached or test state before acting or some other option.

From: CentOS <centos-bounces at centos.org> on behalf of hw <hw at gc-24.de>
Sent: Thursday, July 25, 2019 7:51:39 AM
To: centos at centos.org <centos at centos.org>
Subject: [EXTERNAL] [CentOS] how to increase DNS reliability?


how can DNS reliability, as experienced by clients on the LAN who are
sending queries, be increased?

Would I have to set up some sort of cluster consisting of several
servers all providing DNS services which is reachable under a single
IP address known to the clients?

Just setting up several name servers and making them known to the clients
for the clients to automatically switch isn't a good solution because
the clients take their timeouts and users lacking even the most basic
knowledge inevitably panic when the first name server does not answer
CentOS mailing list
CentOS at centos.org


Register now for the dataVoice User Conference,
October 9-11 at the Gaylord Rockies in Denver, CO.
To register click Here<https://www.harriscomputer.com/en/events/>

Leroy Tennison
Network Information/Cyber Security Specialist
E: leroy at datavoiceint.com


2220 Bush Dr
McKinney, Texas

This message has been sent on behalf of a company that is part of the Harris Operating Group of Constellation Software Inc. These companies are listed here<http://subscribe.harriscomputer.com/>.

If you prefer not to be contacted by Harris Operating Group please notify us<http://subscribe.harriscomputer.com/>.

This message is intended exclusively for the individual or entity to which it is addressed. This communication may contain information that is proprietary, privileged or confidential or otherwise legally exempt from disclosure. If you are not the named addressee, you are not authorized to read, print, retain, copy or disseminate this message or any part of it. If you have received this message in error, please notify the sender immediately by e-mail and delete all copies of the message.