Backup DNS

[Daniel_DBS]

I just got another VPS through a different provider (for redundancy) and I am going to essentially setup a DNS cluster through WHM...

I guess though for better redundancy, I should have:

NS1 - VPS1
NS2 - VPS2
NS3 - VPS1
NS4 - VPS2

I am not sure if I should do it that way, but I want to set up the DNS cluster to synchronize across the boxes...

I guess what I am asking is if I should setup the name servers that way, alternated across the boxes...

The second VPS will only serve for DNS purposes, so I opted for self-managed without a control panel, so I am going to install cPanel's DNS Only tool that they offer... Eventually I am going to get another VPS through another Provider and use it strictly for backups... Don't want to keep all of your eggs in one basket!

[EuroNut]

NS1 - VPS1
NS2 - VPS2
NS3 - VPS1
NS4 - VPS2

You don't need 4 NSs - 2 is fine, 1 on each VPS.

Whilst how NS lookups remains a mystery to most folks, some of the lookup strategy is to ask the nearest nameserver first (particularly when they are in different countries).

So if your VPS1 is down, and you're running 4 NSs, there is a possibility that you will get 2 failed lookups to your down VPS before one of the working NSs is asked.

Better to stick to 2 and reduce the risks - Then it's just a case of "Can't find NS1, so ask NS2"

[Daniel_DBS]

Thanks Euro... I will try that

[EuroNut]

Thanks Euro... I will try that

Hehe - And in doing so you are making yourself compliant with RFC2182 section 3.1, which goes on about how you should have your nameservers "at geographically and topologically dispersed locations".

I bet that makes you feel all good inside, huh?

[Daniel_DBS]

Hahaha of course it does...

When selecting secondary servers, attention should be given to the
various likely failure modes. Servers should be placed so that it is
likely that at least one server will be available to all significant
parts of the Internet, for any likely failure.

Consequently, placing all servers at the local site, while easy to
arrange, and easy to manage, is not a good policy. Should a single
link fail, or there be a site, or perhaps even building, or room,
power failure, such a configuration can lead to all servers being
disconnected from the Internet.

Secondary servers must be placed at both topologically and
geographically dispersed locations on the Internet, to minimise the
likelihood of a single failure disabling all of them.

That is, secondary servers should be at geographically distant
locations, so it is unlikely that events like power loss, etc, will
disrupt all of them simultaneously. They should also be connected to
the net via quite diverse paths. This means that the failure of any
one link, or of routing within some segment of the network (such as a
service provider) will not make all of the servers unreachable.

Now if only I could round up the gumption to setup a mirrored vps

[HJJ]

We were just burned by only have two NS on our JaguarPC VPS. We have some servers in-house, and when the VPS went down for more than 2 days, we couldn't even access those! Too bad JagaurPC doesn't allow us to add a redundant entry to their nameservers.

[Daniel_DBS]

We were just burned by only have two NS on our JaguarPC VPS. We have some servers in-house, and when the VPS went down for more than 2 days, we couldn't even access those! Too bad JagaurPC doesn't allow us to add a redundant entry to their nameservers.

You can do this with your VPS... If you download cPanel's DNS only tool (provided you use cPanel on your VPS) you can get a unmanaged VPS on another network and install the DNS tool on it... You then create a trust between the two servers and it synchronizes your DNS entries, thus you end up with nameservers on different networks, so if your VPS goes down, you still have a backup DNS server that will process requests and you will still be able to access your other servers.

http://www.cpanel.net/products/dnsonly/index.htm

[Ron]

OK stupid question .. if you have only 1 VPS, why do you need redundant DNS for it?

[Daniel_DBS]

OK stupid question .. if you have only 1 VPS, why do you need redundant DNS for it?

Heh... Becuase I also have two testing servers, one based out of my house and one out of my office that use the DNS service on my VPS... If the node goes down for extended periods of time, those servers will not be accessible... Also, I am thinking about expanding eventually... I may get another VPS and sell some hosting off of it... Another reason, I am paranoid

[HJJ]

OK stupid question .. if you have only 1 VPS, why do you need redundant DNS for it?

mostly if you have DNS entries for hosts that are NOT on your VPS. E.g. we have a second email server in house. But with VPS dead, DNS was dead and the in house server did not resolve either.

[HJJ]

You can do this with your VPS... If you download cPanel's DNS only tool (provided you use cPanel on your VPS) you can get a unmanaged VPS on another network and install the DNS tool on it... You then create a trust between the two servers and it synchronizes your DNS entries, thus you end up with nameservers on different networks, so if your VPS goes down, you still have a backup DNS server that will process requests and you will still be able to access your other servers.

http://www.cpanel.net/products/dnsonly/index.htm

Daniel, do I understand you right, this means you need two VPS, right?

I was also thinking of setting up a an entry with one of the free or low cost DNS services. Any thoughts on that? I guess it has to be done right to work well... still reading up on it.

[Daniel_DBS]

mostly if you have DNS entries for hosts that are NOT on your VPS. E.g. we have a second email server in house. But with VPS dead, DNS was dead and the in house server did not resolve either.

Good point... I use Google Apps for email, although they do have multiple servers to handle incoming mail if one is down, but if my VPS is down which also means my DNS is down, my email will either be bounced or float around until it is finally able to be sent to one of the google servers... For as little as it costs to get a BASIC, unmanaged, control panel free VPS, it is well worth it... also, if you really wanted to, you could install ftpd on it and use it as an FTP backup solution... However, since my backup VPS only has 5GB of space, I do not wish to use it as a backup system.

[Daniel_DBS]

Daniel, do I understand you right, this means you need two VPS, right?

I was also thinking of setting up a an entry with one of the free or low cost DNS services. Any thoughts on that? I guess it has to be done right to work well... still reading up on it.

I got a great deal off of WHT VPS advertisers forum... Search there and find a great deal on an unmanaged, control panel free, basic VPS... Once you find one, purchase it, and then use SSH to install the cPanel DNS only utility...

To install it, with SSH perform the following command:

Code:

cd /tmp
wget http://layer1.cpanel.net/cpanel-universal-dnsonly-install.sea
sh cpanel-universal-dnsonly-install.sea

Once you perform that command and get it installed, you can then setup the trust relationship and everything following cpanel's guide:

http://cpanel.net/docs/dnsclustering-quickstart/

After doing all of that, simple register the new VPS's IP addresses with your registrar and then setup your domains to use the appropriate addresses for the name servers...

After a few hours of propagation, you should be good to go

[Daniel_DBS]

My second VPS is, like I said, very basic, I am talking about 5GB of space with 128MB of RAM... I had it loaded with CentOS 4.5 (only version the host provided) and it works well for its purpose... I would not want to host a website or anything on it, but it works great as a secondary DNS server.

[EuroNut]

Daniel, I'd be interested to hear how you get on with this one.

I just went back to the cPanel web site to refresh my memory, and ...

cPanel DNS ONLY is a free product that allows you to run a DNS server which will be automatically updated by any servers that you link to it running the cPanel Server Suite. cPanel DNS ONLY is meant to be used on standalone DNS servers only which have no previous content on them.

If I interpret that right, the free cPanel DNS product only acts as a slave to other cPanel server(s) you have running - In other words, you cannot log into it like WHM and make changes to your DNS via it - Those have to be done from the "master" cPanel on your existing VPS. If that's the case, what happens when your VPS goes down and you need to edit your DNS quickly to redirect traffic to your fallback solution?

Keep us posted on how you get on, pretty please