High Availability DNS Hosting Strategy?

Solution 1:

You can use any number of DNS hosters that have geographically dispersed name servers.

http://www.dyndns.com/services/dns/custom/

http://www.easydns.com/dnsmanage.php3

You could also move your name servers and DNS zones to a registrar that has a more robust and resilient infrastructure, such as Network Solutions.

Solution 2:

If done right, all you need to do is update the master DNS server, and have the rest as slaves, which will either poll the master or be informed by the master of a pending update. Once you have automatic updates set up, you can have as many slaves as meet your availability needs and then they'll keep up to date, provided the master itself is reachable.

Solution 3:

You could run your own DNS servers in multiple colos on multiple servers and set up failover and clustering. Using either Windows or Linux, you can set up single shared resources that are shared between servers, preferably over a point-to-point link or VPN, and when one server/location goes down, within seconds the next available server picks up the shared resource such as IP addresses. I have a similar solution running at my organization: we have multiple buildings, each building has a DNS server as well as some other Windows and Linux servers, SANs and such. The majority of the servers are set up in a failover cluster, so if one building explodes, the network is still up. For example, our DHCP servers have an IP address in them that is shared between 3 DNS servers; I can unplug 2 of the 3 DNS servers and that single IP address would just point to the remaining alive server. This is real easy to do with Windows 2008 clustering, and you can do it for real cheap with Linux and DRBD (http://www.drbd.org/).

If all that work or the cost of hardware is not a viable option, you can look at DNS providers that guarantee 4 or 5 9's uptime and have multiple servers in colos around the US. I don't know of any of those providers for DNS, but I'm sure such services are offered by a lot of the registrars out there, such as godaddy.com.

Solution 4:

Host the DNS on one of your servers, and have any number of other servers pull from it. ISC, the creators of BIND, even offer commercial hosting. I'm not certain of the terms, but you can find more info on their web site.

The nice thing about hosting the DNS locally is that you are in no way trapped by any provider -- if they hurt you, you can just move to another. It will require work to move, but it's just a few hours of web-facing work, and won't affect your customers at all. It is hard to get your zone data out of a fancy editing tool on some registry sometimes.

However, unless you are DNS experts, I don't recommend serving your own DNS. It's not as trivial as some people think to do this on your own. There are all kinds of interesting things to learn before attempting it, and it's not like HTTP hosting.

What you want are geographically diverse, stable, and able-to-run-if-part-crashes providers. That is, an earthquake in California should not take out their entire service. They should have multiple "time zone" presence, and if possible, multiple continent presence.

Solution 5:

What we're looking for:

  • No single point of failure
  • Time effective.
  • One solution that has been suggested is to do multiple DNS hosts. This seems like a great alternative, but we have over 20 domains, and updating an IP address on all of those domains across two providers is prohibitive.
  • Cost effective.
  • I have to sell this to upper management. Joy is me.

So what methods exist which support this? I'm more of a programmer myself, but they've tasked me with this, so I wanted to get the opinion of people more experienced than I am.

Secondaries can go a long way towards mitigating this. Your ISP should be providing free DNS servers upstream of you, at which point you can name them as secondaries and get them to fetch your zone(s). This should go a long way towards mitigating costs while ensuring that you have something in place.

  • You get to keep your masters the way they are, no contacting registrars to move stuff around
  • Requires minor changes to your setup, where you can specify your server as master and have someone else slave to it
  • DNS response becomes partly someone else's problem
  • Load distribution (not balancing) helps reduce load on each server
  • Your DNS registrar can collapse for a few hours and you can go on your merry way (until the TTL expires your entries)

A "real" DNS hosting service can provide you with this if your ISP doesn't. I recommend DynDNS as they provide the bulk of what you are looking for (multiple locations, minimal downtime, decent web interface).
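A minimal BIND configuration for the master/secondary arrangement described in Solutions 2 and 5 (your master stays where it is, someone else's server slaves to it and is NOTIFYed on every change). This is an added example, not configuration from any of the answers above; the addresses (192.0.2.1 as the master, 198.51.100.2 as the ISP's secondary), the zone name, the file paths and the key name are assumptions.

```conf
# --- named.conf on the master (192.0.2.1, assumed) ---
# Shared TSIG key: generate with `tsig-keygen xfer-key` and paste the same
# statement on both servers. The secret below is a placeholder.
key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE-WITH-GENERATED-BASE64-SECRET";
};

# Sign everything sent to the secondary, so NOTIFY and AXFR/IXFR are authenticated.
server 198.51.100.2 {
    keys { "xfer-key"; };
};

zone "example.com" {
    type master;
    file "/var/named/example.com.zone";
    notify yes;                          # push a NOTIFY whenever the SOA serial changes
    also-notify { 198.51.100.2; };       # secondaries not listed as NS records still get told
    allow-transfer { key "xfer-key"; };  # never "any": a full zone dump maps your network for strangers
};

# --- named.conf on the secondary (198.51.100.2, assumed) ---
key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE-WITH-GENERATED-BASE64-SECRET";
};

zone "example.com" {
    type slave;
    file "/var/named/secondary/example.com.zone";  # on-disk copy keeps answering if the master is down, until the SOA expire timer runs out
    masters { 192.0.2.1 key "xfer-key"; };         # only pull from the master, and only with the signed key
    allow-notify { 192.0.2.1; };                   # accept NOTIFY from the master alone
    allow-transfer { none; };                      # the secondary does not re-export the zone
};
```

After reloading both servers, `dig @198.51.100.2 example.com SOA` should return the same serial as the master; a secondary whose serial lags behind is the first sign that NOTIFY, the key, or the transfer ACL is misconfigured.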