Status
Not open for further replies.

Two DNS Servers, different A records

#1 · (Edited by Moderator)
Hi all,

I need a little help regarding DNS servers in the following case.



When the primary link is up, the backup link is down, and so only DNS Server 1 is visible from the Internet at a specific moment.

Now, when the primary link goes down, the backup link goes up, and so DNS Server 2 is now visible from the Internet.

The question is what is the time needed for those new records to be visible from the Internet?

Thank you all.
 
#3 ·
Dear JimE,

Thank you for your answer.

I know about DNS having all the same records, but now I see that I haven't explained the whole situation.

When the primary link goes down, the primary DNS goes down, but also a bunch of servers which are hosted on that link.

There is a backup Internet link which switches on as soon as the primary goes down, and all those servers are then switched to the backup link. However, since the backup link has different IP addressing, I need DNS server 2 to propagate those new records.

I don't have much knowledge of the time needed for propagation to finish, so I need your help to better understand whether I'm on the right configuration path or not.

Thanks again.
 
#4 ·
The idea here would be to have both DNS servers share a path to the internet. Then, regardless of which internet path is used, the path is always the same.

As for DNS in general, if both servers have the same records, there should be nothing to learn when you move from one to the other. Internal DNS servers should likely only be storing records for your internal hardware/devices. Those records don't change based on the internet path.

So maybe I'm not understanding your issue.
 
#5 ·
"There is a backup Internet link which switches on as soon as the primary goes down, and all those servers are then switched to the backup link. However, since the backup link has different IP addressing, I need DNS server 2 to propagate those new records."

So you are giving all of the servers new ip addresses?

But let's back up for a moment. That pic you posted looks straight out of an exam. Is this homework?

What raises the question is what do you mean by "seen on the internet"? Private dns servers don't participate in public dns except to forward locally unresolved client requests. So what do you mean?

How are you pointing the servers to the new dns server?
 
#6 ·
Hello again,

This is a real situation. I'm in the middle of implementing things. Since it seems that I was unclear when drawing the first diagram, here is the real situation.



On the image there are DNS servers 1 and 2.

DNS Server 1 - ns1.test_domain.com (200.200.200.200)
DNS Server 2 - ns2.test_domain.com (150.150.150.150)

DNS Server 1
test.com A 60 200.200.200.200
imap.test.com A 60 200.200.200.200

DNS Server 2
test.com A 60 150.150.150.150
imap.test.com A 60 150.150.150.150

Please bear in mind that only one DNS server is visible at the moment - as I said, when the primary link is up, the backup link is down and vice versa.

These are the procedures:

1. Behind the router (13), although not visible on the image, is a bunch of servers (httpd, postfix, dovecot, proftpd and so on ...).

2. When the primary link goes down, router (13) changes the default route to 192.168.142.2. At that moment, the backup link goes up. Now DNS Server 2 is visible from outside.

So yes, all the servers are getting new ip addressing from DNS server 2.

So, when this change happens, what is the time needed for the new records from DNS Server 2 to be visible from the outside world (for example, when someone wants to contact imap.test.com = 150.150.150.150)?
 
#7 · (Edited)
"So yes, all the servers are getting new ip addressing from DNS server 2."

You mean to say the dns server is also a dhcp server and getting new ips from this dhcp server.

This is not a proper network design imo.

All servers should have static ips not dynamic.
You need to implement a dual wan port router so each isp link is balanced and you have failover.
Both dns servers should be on the same lan. If one fails the other will automatically give out the same dns records.

If you can't do it the recommended way then you need a 3rd router behind the two isp routers. All dns servers and servers would be in the same subnet behind the 3rd router.

Just to clarify, your dns servers have nothing to do with outside access. This is internal usage only. Which is also the reason you don't need different subnets. You can have dns servers in different subnets but they need to contain the same records/zone and there needs to be a route from the lan clients to the different subnet dns server. You don't need to change all of the ips to match the different dns server.
 