DNS reliability (Re: [oclug] RedHat Enterprise and HP servers)
rod at giffinscientific.com
Tue Jun 22 14:25:50 EDT 2004
Andrew J. Hutton said:
> On Tuesday 22 June 2004 13:38, Rod Giffin wrote:
>> One of the best ways to ensure DNS reliability is to put your DNS's on
>> completely separate high availability networks, ideally a couple of
>> thousand miles apart. It makes no sense to operate highly available
>> servers with single points of failure like a single network hub, or a
>> single router. You wouldn't achieve much reliability that way at all.
> The 1000's of miles apart is actually not very useful in practice.
> You're better off bringing in an extra DSL line from another carrier who
> doesn't use the same backbone service. Considering most inter-Canada
> traffic already goes through New York you can have two servers '1000's
> of miles apart' even within the same office. Yes, having them in
> different areas of the city is a good option due to power stability.
> What I'd probably do is pay for some employee's DSL and drop a server
> there for the 2ndary, and then negotiate 3rd and 4th nameservers with
> other organizations.
Purchasing and maintaining a private DSL connection for this might become
annoying considering hydro rates. At 250 W/hr, adds up to 180 or so
kWh/month. That would add between 7.20 and 13.50 to someone's hydro bill,
not to mention when the pet cat chews up a wire, something gets caught on
a power cord, and whatnot. You can get pretty reliable DNS services for
less than the cost of hydro alone, let alone the cost of the DSL, can't

I gave a lot of thought to this for a customer after last summer's power
failure, given that Hydro One and the Government haven't alleviated fears
it might happen again. I discovered that I would negotiate a secondary
DNS server in Toronto on a Callnet (Sprint) loop, partly because they
route through Chicago rather than New York - into the heartland of the USA
rather than on the east coast - and a tertiary server in Gatineau
somewhere - on some other carrier's network - because its power is
relatively isolated from Ottawa's. The primary would either be self
maintained, or at my ISP, depending on the type of installation. All of
the DNS's need be nothing more robust than a beige box with a UPS.

In the same building, for providing DNS services on a LAN only, I'd put
one or two DNS servers - again beige boxes, at opposite ends of the
building, or on different floors if need possible. This architecture
isn't as critical though, because you can also use hosts files a lot
easier on LANs.
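
The shared-fate reasoning in this thread (carrier, backbone route, power grid, site), as an added example that is not part of the original post: it lists failure domains common to every nameserver and finds the smallest set of domain failures that takes all of them offline. The server names, domain labels (including which route each server uses) and both helper functions are constructed for illustration.

```python
from itertools import combinations

# Constructed inventory: each nameserver lists the failure domains it depends on.
# Labels are illustrative assumptions, loosely following layouts from the thread.
SAME_OFFICE = {
    "ns1": {"carrier:A", "route:new-york", "power:ottawa", "site:office"},
    "ns2": {"carrier:B", "route:new-york", "power:ottawa", "site:office"},
}
SPREAD = {
    "ns1": {"carrier:isp", "route:new-york", "power:ottawa", "site:ottawa"},
    "ns2": {"carrier:callnet", "route:chicago", "power:toronto", "site:toronto"},
    "ns3": {"carrier:other", "route:new-york", "power:gatineau", "site:gatineau"},
}

def single_points_of_failure(servers):
    """Domains shared by every server: one failure removes all DNS service."""
    return set.intersection(*servers.values())

def smallest_outage(servers):
    """Return the smallest set of failure domains that together take down
    every server (a server is down if any one of its domains fails)."""
    domains = sorted(set().union(*servers.values()))
    for size in range(1, len(domains) + 1):
        for combo in combinations(domains, size):
            failed = set(combo)
            if all(deps & failed for deps in servers.values()):
                return failed
    return set()

if __name__ == "__main__":
    for name, layout in (("same office", SAME_OFFICE), ("spread", SPREAD)):
        print(name,
              "| SPOFs:", sorted(single_points_of_failure(layout)),
              "| smallest outage:", sorted(smallest_outage(layout)))
```

Two carriers into one office still leave the power grid, site and backbone route as single points of failure, while the spread layout needs two independent failures before resolution stops.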