Solved

External DNS settings for Mobile Clients on backup internet line

Posted on 2013-10-22
Last Modified: 2013-10-28
I currently have mobile users who use software installed on their PCs that connects to our server using our external WAN IP and port forwarding.

The router connecting to the server has a backup internet line from a separate ISP.

Currently, if the internet goes down, I need to log into each mobile client and reconfigure the software to connect using the backup WAN IP.

I haven't had to do this yet, but don't want to in the future.

The software can use either a Hostname or IP.

If I configure the software to use a Hostname, is there a way to configure DNS to point to the primary WAN IP, but when it is down, switch to the backup WAN IP?

Or would I be stuck with setting it up with a short TTL and changing it manually when the connection is down?
Question by:pmitllc

Accepted Solution

by:
Giovanni Heward earned 500 total points
ID: 39592723
You'd want the mobile devices to point to a FQDN.  You'd then create two corresponding A records which resolve to the separate IP addresses.  Once the mobile device fails to connect to one A record IP address it should try the secondary IP address automatically.

If not, then you could use a very low TTL value and update the IP address manually for a single A record.  

You'd need to test the multiple A record approach with each unique mobile device (make/model) to see how its TCP/IP stack responds when being presented with multiple A records, and when encountering a timeout condition with one of the IP addresses.

Unfortunately with the dual A record approach you don't necessarily have control over which A record is attempted first.  While it's possible whichever one is presented first is used, it may vary between mobile devices.  The device may perform a round robin approach between the two IP addresses.  Either way, the possible effect being your "backup" line is responding to requests when your "primary" line is operational.

Author Closing Comment

by:pmitllc
ID: 39603857
I think I am going to use the low TTL method.  At least I will only have to change one thing if the internet goes down.

Expert Comment

by:Giovanni Heward
ID: 39606017
That's probably preferable.  Another way to go would be to write a script which checks the primary connection every x interval and updates the A record automatically when a timeout is encountered.  It could notify you via email/sms of the failure, and restore the A record to the primary IP address when the connection is restored.

This would be running on a remote site of course.  Nping for example (part of the Nmap package), could be used to connect to a specific port over a specific protocol, etc., in instances where ICMP is blocked.

nping --tcp -p 80 www.example.com



If your DNS provider doesn't have an API to do this, there are plenty of other options to automate authenticating and updating the record.  See Curl, etc.  Python, PHP, Perl, etc. all have the capability to do this.
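
The check-and-update script described in the comment above, sketched as an added example that is not part of the original thread or the poster's own code. The two IP addresses are constructed samples from documentation ranges, `update_record` is a hypothetical hook standing in for whatever API or authenticated request your DNS provider needs, and the threshold of three consecutive results is an assumption added so that a single dropped probe does not flip the record back and forth.

```python
import socket

PRIMARY_IP = "198.51.100.10"   # constructed sample (documentation range)
BACKUP_IP = "203.0.113.10"     # constructed sample (documentation range)


def tcp_probe(ip, port=80, timeout=3.0):
    """Return True if a TCP handshake to ip:port completes within timeout."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


class FailoverMonitor:
    """Tracks primary-line health and decides which IP the A record should hold."""

    def __init__(self, update_record, probe=tcp_probe, threshold=3):
        self.update_record = update_record  # hypothetical hook: calls your DNS provider
        self.probe = probe
        self.threshold = threshold          # consecutive results needed to switch
        self.active = PRIMARY_IP
        self.streak = 0                     # consecutive probes disagreeing with `active`

    def tick(self):
        """Run one check; switch the record only after `threshold` consistent results."""
        # Probe the primary WAN IP directly, never the hostname: after a
        # failover the hostname resolves to the backup line.
        primary_up = self.probe(PRIMARY_IP)
        wanted = PRIMARY_IP if primary_up else BACKUP_IP
        if wanted == self.active:
            self.streak = 0
            return self.active
        self.streak += 1
        if self.streak >= self.threshold:
            self.update_record(wanted)      # also the place to send the email/SMS alert
            self.active = wanted
            self.streak = 0
        return self.active


if __name__ == "__main__":
    import time
    monitor = FailoverMonitor(update_record=lambda ip: print("set A record ->", ip))
    while True:
        monitor.tick()
        time.sleep(60)  # the "x interval" between checks
```

Run it from a host outside the monitored site, as the comment says, so the probe travels over the internet to the primary line.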