[Nottingham] DNS question for specifying redundant servers

Andy Smith andy at lug.org.uk
Thu Apr 3 22:11:46 BST 2008

Hi Martin,

On Thu, Apr 03, 2008 at 09:35:36PM +0100, Martin wrote:
> You have multiple servers dotted around the country/world with different
> internet addresses. So how do you set the DNS for the world such that
> normally only one server takes all the load but one of the others picks
> up all the load if the first should fail? And thence, the third picks up
> the load if the second should fail?

You don't typically do this with DNS (alone).  This is because it is
impossible to ensure that clients do not cache the answer they get
from DNS.  For example, IE will cache a DNS lookup until it is shut

So, while you can use an intelligent DNS server to give out only a
subset of the IPs (perhaps corresponding to servers that it knows
are up, or servers that it believes are closer to the client), those
IPs it gives out have to be treated as possibly cached forever, so
need to work forever.

In a high availability setup you would normally have each IP address
actually be multiple backend servers, behind load balancer(s) or
CARP or similar.

Alternatively there is an advanced routing trick called anycast
where the same block of IPs is announced at multiple locations.
Your packets end up at the one that is closest, Internet-wise.
Should that site fail, its route is withdrawn, and your packets will
end up at another site.  Each site will likely still be more than
one physical node.

> Or is this never done this way?

DNS can be part of a high availability setup:

$ host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address
www.l.google.com has address
www.l.google.com has address

but each of those IPs will correspond to more than one web server.

> If you have the DNS give (round-robin?) multiple addressing for the
> three servers, what happens if one or two fail in that case?

A third or two thirds of requests time out.

> Answers for mail servers and web servers please...

What I said above applies to either, but for mail servers the
problem is easier since SMTP is a store and forward technology; if
an email takes 5 minutes to arrive instead of 5 seconds then
normally people aren't too put out.

You can normally have several mail servers at equal priority and as
long as at least one of them accepts the mail then delivery won't be
too badly delayed.

Unlike A records used by other services, SMTP has its own DNS record
type: MX.  This has syntax to allow different priorities:

$ host -t mx gmail.com
gmail.com mail is handled by 5 gmail-smtp-in.l.google.com.
gmail.com mail is handled by 10 alt1.gmail-smtp-in.l.google.com.
gmail.com mail is handled by 10 alt2.gmail-smtp-in.l.google.com.
gmail.com mail is handled by 50 gsmtp147.google.com.
gmail.com mail is handled by 50 gsmtp183.google.com.

the above is the order that my mail server would make connections in
if I sent an email to a user at gmail.com.


http://bitfolk.com/ -- No-nonsense VPS hosting
Encrypted mail welcome - keyid 0x604DE5DB
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.lug.org.uk/pipermail/nottingham/attachments/20080403/42b272c0/attachment.bin

More information about the Nottingham mailing list