On Tue, Sep 7, 2010 at 4:08 PM, Atom Powers <atom.pow...@gmail.com> wrote:
> On Tue, Sep 7, 2010 at 12:59 PM, Paul Graydon <p...@paulgraydon.co.uk> wrote:
>> On 09/07/2010 09:24 AM, Atom Powers wrote:
>> On Tue, Sep 7, 2010 at 11:53 AM, Matthew Barr <mb...@mbarr.net> wrote:
>>
>> On Tue, 7 Sep 2010, Brodie, Kent wrote:
>> We actually put DHCP, DNS, and LDAP on single boxes, and considered those
>> our primary boot first boxes.  Almost nothing would work w/o those
>> services.  Each of them has some reasonable highly available option, and
>> made life easy.
>>
>> How do you make DNS highly available (or load balance it)?
>>
>> There are a few fancy tricks for doing load-balanced DNS stuff, things that
>> should reduce time-out occurrences.  The main one that springs to mind is
>> using Anycast, and route advertising through Zebra.
>>
>> http://ftp.isc.org/isc/pubs/tn/isc-tn-2004-1.htm
>
> Using OSPF for load balancing ... that's just crazy enough to be
> brilliant. (Unfortunately I'm trying to avoid adding any more crazy
> into the network, so I don't think this approach will work for me.)
>

You can also find a presentation on doing this here:
http://www.net.cmu.edu/pres/anycast/

I was working at CMU when we deployed anycast DNS.  There was a lot of
anxiety around deploying it at first, but once we got all of the
details right we loved it.

I've since deployed anycast DNS at my current employer, and then
applied the same anycast technology to both RADIUS and WINS to improve
the HA design of those services.

Benefits include:
- Single DNS config to configure everywhere.  No more site specific DNS
  server entries, etc.
- Near real time recovery from server problems.
- Trivial maintenance windows for servers.  (Stop the OSPF daemon, wait
  a few seconds for routing to reconverge, do your maintenance...)
- Geographical load balancing.  (Adding a new office in India?  Add an
  anycast server there.  If it fails DNS will redirect to the closest
  server.)

-David

_______________________________________________
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/
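
An added example, not part of the message above or of the CMU deployment: a Python health check for the anycast DNS design discussed in this thread, so that a node whose DNS service stops answering also stops advertising the anycast route. The probe target, the query id, the `fall`/`rise` thresholds and the `AnycastGate` name are assumptions; the caller maps the returned "withdraw"/"announce" onto stopping and starting its own routing daemon.

```python
import socket
import struct

QID = 0x1234  # constructed query id, used to match the reply to our probe

def build_query(name, qid=QID):
    """Encode a minimal DNS A-record query in RFC 1035 wire format."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.strip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def reply_ok(reply, qid=QID):
    """True only for a response (QR=1) with our id and RCODE 0 (NOERROR)."""
    if len(reply) < 12:
        return False
    rid, flags = struct.unpack("!HH", reply[:4])
    return rid == qid and bool(flags & 0x8000) and (flags & 0x000F) == 0

def probe(server="127.0.0.1", name="example.com", timeout=1.0):
    """One query to the local DNS service; a timeout or socket error is a failure."""
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.connect((server, 53))  # connected UDP: replies from other hosts are dropped
            s.send(build_query(name))
            return reply_ok(s.recv(512))
    except OSError:
        return False

class AnycastGate:
    """Withdraw after `fall` straight failures, re-announce after `rise` straight successes."""
    def __init__(self, fall=3, rise=5, announced=True):
        self.fall, self.rise, self.announced = fall, rise, announced
        self.streak = 0  # consecutive probes that disagree with the current state

    def update(self, healthy):
        """Feed one probe result; return 'withdraw', 'announce', or None for no change."""
        if healthy == self.announced:
            self.streak = 0
            return None
        self.streak += 1
        if self.streak < (self.rise if healthy else self.fall):
            return None
        self.announced, self.streak = healthy, 0
        return "announce" if healthy else "withdraw"
```

The asymmetric thresholds keep a single lost probe from withdrawing the route and keep a recovering server out of rotation until it has answered several times in a row, which avoids route flapping.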
