-1

I bought a domain at Namecheap and set up my personal NS servers in the client panel:

ns1.example.com

ns2.example.com

1) If server ns1 is unavailable, do all requests still go to ns1, or do they all go to server ns2? How do I set up an abrupt switch for all requests if ns1 or ns2 becomes unavailable?

2) After NS servers ns1/2 I have Load Balancers. In case one of the LBs becomes unavailable, how do I set up the NS server to check this state (which application should I use, BIND or something else; is there some API, or can it be set up to redirect all requests only to the working LB)?

serverAdmin123
Kein
  • Off topic as not following any sensible IT practice. Want HA DNS - get one from a service provider. Cloudflare offers free DNS. This question ticks off "lack of knowledge" with pretty much every sentence, and we do not teach beginners here - that is superuser.com. I.e. – TomTom Jul 24 '19 at 05:59

2 Answers

3

1) If server ns1 is unavailable, do all requests still go to ns1, or do they all go to server ns2?

No, the DNS does not work like that. It provides by default load balancing, not failover.

DNS deals with resource records sets. Not lists, sets. Lists are ordered, sets are not.

The set of nameservers for a domain name contains all names that are authoritative for this domain. Said differently: if example.org has ns1.example.com and ns2.example.com then both servers will statistically receive 50% of all requests at all times. It is NOT 100% for ns1 and then only when it fails it goes 100% to ns2.

So 50% of requests each, but what happens if one stops responding for any reason? The resolver will switch to the other, but only after having queried it, because it cannot know when it stopped responding, and it also has to regularly probe the one not responding in order to detect when it comes back online. That means the resolution will happen but will just take more time, because the algorithm will be:

- ask ns1
- wait some time
- ask ns1 again
- wait some time
- and at some point (the amount of time to wait between two queries and the number of retries is often configurable and different in each software) it will switch to ns2 and hence finally get the reply.

The calling application at the origin of this DNS resolution may have a timeout itself, so it may have stopped waiting for the answer if the above takes place and is taking too long.

Nowadays "high availability DNS" is typically provided by using anycast technology: nameservers resolve to IP addresses that are anycasted in various places. This provides both better performance due to more "local" access and also automated failover (but because of an IP feature, not a specific DNS feature) as another node will pick up traffic if some node does not reply, due to how BGP works. Hence, things will not create the timeout and retry loop depicted above.

After NS servers ns1/2 I have Load Balancers

Not clear to me, but in any case do not put load balancers or anything in front of nameservers. Most often they will create more problems than provide solutions (because they often implement a very narrow subset of the DNS protocol and hence create interoperability problems).

is there some API

There are many ways to configure and use load balancers and indeed set them up to take into account the state of the services they are in front of. But at this stage your question is far too broad; you will need to be clearer, taking into account the first part and the DNS misunderstanding you may have had.

Patrick Mevzek
  • I think that the "After NS servers ns1/2 I have Load Balancers in case one of LB stay unavailable, how to setup ns server to check this state" bit is about updating DNS records for other services depending on the availability of the hosts (whether load balanced or not, I guess). – Håkan Lindqvist Jul 24 '19 at 06:09
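The retry sequence described in the answer above (ask, wait, ask again, then switch) can be modelled to see what a dead nameserver costs. This is an added example, not code from the answer or from any resolver; the 2000 ms timeout, 2 tries, 30 ms round trip and 3000 ms application deadline are constructed values, and the resolver is assumed to keep no memory of server health between lookups.

```python
import random

def resolve(order, down, timeout_ms=2000, tries=2, rtt_ms=30, app_deadline_ms=None):
    """Model one lookup by a resolver with no prior knowledge of server health.

    order: nameservers in the order this lookup tries them.
    down:  set of nameservers that never reply.
    All timing defaults are constructed values, not taken from real software.
    """
    elapsed, trace, answered_by = 0, [], None
    for ns in order:
        for attempt in range(1, tries + 1):
            if ns in down:
                elapsed += timeout_ms      # wait out the full timeout, then retry
                trace.append((ns, attempt, "timeout"))
            else:
                elapsed += rtt_ms
                trace.append((ns, attempt, "answer"))
                answered_by = ns
                break
        if answered_by:
            break
    # The calling application may stop waiting before the resolver finishes.
    gave_up = app_deadline_ms is not None and elapsed > app_deadline_ms
    return {"answered_by": answered_by, "elapsed_ms": elapsed,
            "trace": trace, "caller_gave_up": gave_up}

def simulate(servers, down, lookups=1000, seed=1, **kw):
    """Run many lookups; each picks a fresh random order (NS records are a set)."""
    rng = random.Random(seed)
    results = []
    for _ in range(lookups):
        order = rng.sample(servers, len(servers))
        results.append(resolve(order, down, **kw))
    dead_first = sum(1 for r in results if r["trace"][0][2] == "timeout")
    return {
        "hit_dead_first": dead_first / lookups,
        "mean_ms": sum(r["elapsed_ms"] for r in results) / lookups,
        "caller_gave_up": sum(r["caller_gave_up"] for r in results) / lookups,
    }

if __name__ == "__main__":
    NS = ["ns1.example.com", "ns2.example.com"]
    print(resolve(NS, down={"ns1.example.com"}, app_deadline_ms=3000))
    print(simulate(NS, down=set()))
    print(simulate(NS, down={"ns1.example.com"}, app_deadline_ms=3000))
```

With ns1 down, roughly half of the lookups pay the full timeout-and-retry cost before ns2 answers, and those are the ones where the calling application's own deadline expires first.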
0

The type of Domain Name System (DNS) server you're using makes a large difference in the approach. For instance, an Active Directory integrated zone with proper replication among fellow DNS servers, which are typically also domain controllers, provides a level of fault tolerance.

Clients are typically designated a primary, secondary, and in some cases tertiary and onward, DNS provider to use in their local IP configuration. In the event a client does not already have the record cached (based on its Time To Live (TTL)) and cannot reach its primary DNS provider at the time of request it will begin working through the secondary provider and onward until reaching its timeout interval. A proper way to think of this primary-secondary client DNS provider designation is as a relative version of active-passive high availability.

Modern load balancing solutions, especially upscale physical appliances, typically have health checks (commonly termed as "probes") that can be used to check a service's status like you're seeking. You'll have to refer to your vendor documentation for implementation. However, keep in mind that if your NS1 and NS2 are down and your load balancer's name records are supplied by these same DNS providers that the clients are pointing at then relying on the load balancers at essentially this third stage of failure is not going to provide you anything (barring some lucky client record caching).

Cale Vernon