Hello all,

We have quite a bit of environment on "cloud". We are using our own domain names. For this purpose we stood up a BIND9 DNS instance on CentOS 7. And, this being the cloud, we enabled key-based dynamic DNS for instances to register themselves when they are spun up. We have a single master and multiple slaves. All is well, until the master goes down and we need to spin up additional instances. The single master has become somewhat of a bottleneck.

I have looked around, not able to find any solution, for a stable Multi-master DNS setup (outside of Windows AD).

Does anyone have any specific pointers?

-Thanks in advance

Vijay

On 06/25/2017 12:22 PM, Vijay Rajah wrote:
> Hello all,
>
> We have quite a bit of environment on "cloud". We are using our own
> domain names. For this purpose we stood up a BIND9 DNS instance on
> CentOS 7. And, this being the cloud, we enabled key-based dynamic DNS
> for instances to register themselves when they are spun up. We have a
> single master and multiple slaves. All is well, until the master goes down
> and we need to spin up additional instances. The single master has become
> somewhat of a bottleneck.
>
> I have looked around, not able to find any solution, for a stable
> Multi-master DNS setup (outside of Windows AD).
>
> Does anyone have any specific pointers?
>

I don't know about anyone else, but in no way would I use Bind9 and DDNS for anything, multi-master or not. I've never had any kind of stable success with DDNS and Bind.

--
Mark Haney
Network Engineer at NeoNova
919-460-3330 option 1
mark.haney at neonova.net
www.neonova.net

Bind does not have a method to do multi-master replication. All updates must be done via an intermediary service (database).

In our case, we've used containers and Consul for providing a highly available DNS service. A container will fire up and race for the master lock. It will dump the contents of the database into its named configurations and, assuming it has the lock, will assume the IP address of the master. Others just come up as slaves.

If the master lock is not renewed after a given period of time, another container can acquire the lock and become master by assuming the IP address of the master (VRRP/VRID/KeepAliveD).

----- On 25 Jun, 2017, at 09:22, Vijay Rajah me at rvijay.me wrote:

| Hello all,
|
| We have quite a bit of environment on "cloud". We are using our own
| domain names. For this purpose we stood up a BIND9 DNS instance on
| CentOS 7. And, this being the cloud, we enabled key-based dynamic DNS
| for instances to register themselves when they are spun up. We have a
| single master and multiple slaves. All is well, until the master goes down
| and we need to spin up additional instances. The single master has become
| somewhat of a bottleneck.
|
| I have looked around, not able to find any solution, for a stable
| Multi-master DNS setup (outside of Windows AD).
|
| Does anyone have any specific pointers?
|
| -Thanks in advance
|
| Vijay

--
James A. Peltier
IT Services - Research Computing Group
Simon Fraser University - Burnaby Campus
Phone : 604-365-6432
Fax : 778-782-3045
E-Mail : jpeltier at sfu.ca
Website : http://www.sfu.ca/itservices
Twitter : @sfu_rcg
Powering Engagement Through Technology

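The lock-and-lease failover described in the message above, as an added example that is not part of the original thread and not the poster's code: an in-memory Python model in which `LeaseLock` stands in for the lock service and `Node` for a DNS container. Both names and the timeline in `simulate` are constructed, and the rule that a master demotes itself when its own lease lapses is an assumption added here so that two nodes never accept dynamic updates at once.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class LeaseLock:
    """In-memory stand-in for the master lock held in the coordination service."""
    ttl: float
    holder: Optional[str] = None
    expires_at: float = 0.0

    def acquire_or_renew(self, node: str, now: float) -> bool:
        free = self.holder is None or now >= self.expires_at
        if free or self.holder == node:
            self.holder, self.expires_at = node, now + self.ttl
            return True
        return False


@dataclass
class Node:
    name: str
    lease_until: float = 0.0  # local copy of when our own lease runs out

    def tick(self, lock: LeaseLock, now: float) -> str:
        """One pass of the election loop; returns the role after this pass."""
        if lock.acquire_or_renew(self.name, now):
            self.lease_until = now + lock.ttl
        return self.role(now)

    def role(self, now: float) -> str:
        # Assumption: a node that cannot renew must demote itself (drop the
        # master IP) when its lease lapses, or two masters would take updates.
        return "master" if now < self.lease_until else "slave"


def simulate(ttl: float = 10.0) -> list:
    """Constructed timeline: a wins the race, renews, then stops renewing."""
    lock, a, b = LeaseLock(ttl), Node("a"), Node("b")
    log = [(0, a.tick(lock, 0), b.tick(lock, 0))]      # race: a gets the lock
    log.append((5, a.tick(lock, 5), b.tick(lock, 5)))  # a renews until t=15
    # a stops renewing (crash or partition); only b keeps polling the lock
    for t in (14, 15):
        log.append((t, a.role(t), b.tick(lock, t)))
    return log


if __name__ == "__main__":
    for entry in simulate():
        print(entry)
```
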
On 27/06/2017 00:49, James A. Peltier wrote:
> Bind does not have a method to do multi-master replication. All updates must be done via an intermediary service (database).
>
> In our case, we've used containers and Consul for providing a highly available DNS service. A container will fire up and race for the master lock. It will dump the contents of the database into its named configurations and, assuming it has the lock, will assume the IP address of the master. Others just come up as slaves.
>
> If the master lock is not renewed after a given period of time, another container can acquire the lock and become master by assuming the IP address of the master (VRRP/VRID/KeepAliveD).
>

Hi James,

Do you have any more info on this setup? I'm in the middle of looking at changing our DNS service and was thinking of containerising them for the improved deployment flexibility it offers.

Tris