Solved

Using a fail safe DNS record

Posted on 2007-11-21
7
1,309 Views
Last Modified: 2012-06-21
Hi

we have an DNS hosts statically set in our forward lookup zone

if the ip address of this server is down, is there a way to use a second IP address as a failsafe?

many thanks
Karl
0
Comment
Question by:shsk
  • 3
  • 2
  • 2
7 Comments
 
LVL 7

Expert Comment

by:mcse2007
ID: 20326810
setup a secondary DNS server and make the first DNS as your master.
0
 

Author Comment

by:shsk
ID: 20326870
but the first DNS server is still gong to give a positive response of "yes i have an ip address and it is"

it will not be able to sense the actual link isnt there
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 20326908

DNS doesn't do automatic fail-over on Name Records I'm afraid.

The functionality it does have is Round Robin, where it will alternate (or loop through) the responses it gives to a query. It doesn't much care if the server in question is up or down.

To achieve fail-over on this in DNS you would have to manually change the Record to reflect the new IP. However, there are programs around that can do this for you, so it's not necessarily as manual as it seems.

When using that method you should be aware of the TTL (Time To Live) value for a Record. This is a time, in seconds, that a Client or remote DNS Server will remember the answer to the query. The client or server will use that Remembered value until the TTL expires. For fail-over to work in the method described above it is important that the TTL is set to a low value (such as 15 minutes, or 900 seconds).

As for the programs that do this, I've never used one so cannot recommend any specifically, so these are only here as examples and you would have to evaluate each dependant on your requirements:

http://www.extralan.co.uk/products/Diagnostic-Tools/SDNSPlus/SFO.htm
http://www.nettica.com/Failover/Service.aspx

HTH

Chris
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:shsk
ID: 20327162
i thought as much

i was thinking of scripting thismyself.

using the win32_pingstatus and dnscmd

thank you!
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 20327177

You're welcome. I hope you get it all sorted out.

Chris
0
 
LVL 7

Expert Comment

by:mcse2007
ID: 20331731
hey Karl,

microsoft thought otherwise which I share their view about secondary DNS server.

Is this what you want?

if a primary server is unavailable, a secondary server can provide some name resolution in the zone until the primary server is available.

Link:
http://technet2.microsoft.com/windowsserver/en/library/54572f43-7c5f-4600-b8ff-3c91cf0541ed1033.mspx?mfr=true

Sometimes, sticking with the fundamental help us solve our requirement.
 
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 20333809

Hey mcse2007,

As far as I understood the question it wasn't redundancy on the Name Servers that was needed.

Rather it was fail-over on a Host (A) Record within a zone (something a Web Server would need, for example), which unfortunately cannot be provided within DNS (as an option).

The only elements of fail-over are MX Records, Service Records and NS Records. Each of those is handled by the client or requester, DNS doesn't tailor it's response based on the state of the Service.

To clarify slightly, I should have written this:

> DNS doesn't do automatic fail-over on Name Records I'm afraid.

As:

> DNS doesn't do automatic fail-over on Host Records I'm afraid.

Chris
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
how to add IIS SMTP to handle application/Scanner relays into office 365.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now