David Li <dlipub...@gmail.com> wrote:
>
> Another question I haven't quite figured out is the HA architecture.
> Is it possible to set up a cluster of BIND servers (> 2) for each VLAN
> subnet with one of them as master the rest as slaves?

Are these recursive or authoritative servers?

For recursive servers you only need a few per site. (Per VLAN would be
overkill unless your VLANs are very busy.) The standard HA technique is to
use anycast - see for example

http://www.bortzmeyer.org/files/afrinic-dns-anycast.pdf
https://strobe.uwaterloo.ca/watitis/resources/2009/AnyCast%20DNS/AnyDNS.ppt

Where I work our core server network spans multiple sites at layer 2, so
I'm using keepalived which makes the coupling between the DNS servers and
the network a lot simpler.

For authoritative DNS HA, make your recursive servers authoritative for
your local zones, so your recursive servers still work when the rest of
your DNS is broken. Get third-party off-site secondary DNS service.
There's not much need to get more complicated than that.

Tony.
-- 
f.anthony.n.finch <d...@dotat.at> http://dotat.at/
Viking, North Utsire, South Utsire, Forties: Cyclonic becoming northerly 4 or
5, occasionally 6 in South Utsire and Forties. Slight or moderate, becoming
moderate. Wintry showers. Good, occasionally poor.
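
A health check that combines the two points in the reply above (keepalived in front of the resolvers, and resolvers that are authoritative for the local zones), as an added example that is not part of the original message. The keepalived hook-up, the script arguments and the sample dig headers are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: health check for a keepalived-managed resolver address.
# Passes only when the local server answers its own zone authoritatively,
# so the check does not depend on any DNS outside this host.

# Read `dig` output on stdin; succeed if status is NOERROR, the "aa"
# (authoritative answer) flag is set, and at least one answer is present.
has_aa_answer() {
    awk '
        /^;; ->>HEADER<<-/ && /status: NOERROR,/ { ok = 1 }
        /^;; flags:/ {
            split($0, part, ";")          # part[3] is " flags: qr aa rd"
            if (part[3] ~ / aa( |$)/) aa = 1
            if ($0 ~ /ANSWER: [1-9]/) ans = 1
        }
        END { exit !(ok && aa && ans) }
    '
}

# Query one server for the zone SOA without recursion.
# $1 = server address, $2 = zone name (both supplied by the caller).
check_local_zone() {
    dig +norecurse +time=1 +tries=1 "@$1" "$2" SOA 2>/dev/null | has_aa_answer
}

# Constructed dig headers for offline checking (not captured from a server).
sample_authoritative() {
    printf '%s\n' \
        ';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4660' \
        ';; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'
}
sample_cached() {      # answer exists but is not authoritative
    printf '%s\n' \
        ';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4661' \
        ';; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'
}
sample_servfail() {    # e.g. zone failed to load or expired
    printf '%s\n' \
        ';; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4662' \
        ';; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1'
}

# Entry point when run as a script: <script> --check SERVER ZONE
if [ "${1:-}" = "--check" ]; then
    check_local_zone "$2" "$3"
    exit $?
fi
```

keepalived can run this from a `vrrp_script` entry, for example with the arguments `--check 127.0.0.1 example.internal` (a hypothetical zone name). Because the query is non-recursive and aimed at a locally served zone, the check keeps passing when upstream DNS is unreachable, and the service address moves only when the local server itself stops answering.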