Date: Mon, 4 Aug 2003 20:22:22 +0200 (CEST)
From: blaz.zupan@amis.net (Blaz Zupan)
To: freebsd-isp@freebsd.org
Subject: Re: DNS Server Farm
Message-ID: <20030804182222.A5C055553E@titanic.medinet.si>
> Our company has inherited/bought an ISP outfit which has around 2
> million subscribers. Among our first priority is to upgrade the DNS
> service which has been abysmal according to the users

I'm actually wondering why everybody is suggesting load balancers. This means either single point of failure or very expensive hardware. I don't know anything about your infrastructure, but because you have 2 million customers you probably have many POPs which are spread out around the country. Anycast is the solution in this case.

Build lots and lots of small recursive nameserver boxes and locate them at various points around your network. Each of those boxes has two IP addresses: one from the local subnet and another address which is the same on all boxes - the anycast address. Put a static route on your local router which routes the anycast address to the local IP address of each box. Configure the nameserver so that it responds on the anycast address, but uses the local IP address to resolve DNS records (so that you don't get in trouble with routing the traffic from outside of your network to the local caching nameserver, because return packets might reach the wrong box due to the anycasting setup).

In this scenario you have lots of boxes around your network and every single one of them is reachable by the same IP address. Now you just point your customers' DNS settings at this IP address and you're all set.

If you want automatic failover in this scenario, make the boxes speak BGP or some other routing protocol to the local router; Zebra works fine in this situation. Make it announce only the anycast address. If the box hiccups, the route will disappear and your customer will use another recursing nameserver somewhere in your network.
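The failover described in the message relies on the anycast route vanishing when a box stops answering. As an added example (not part of the original message), here is a local health check that sends a real recursive query to the resolver and applies hysteresis before deciding whether the route should stay announced. The names `probe` and `RouteGate`, the thresholds and the probe name `example.com` are assumptions, and acting on the decision (withdrawing or re-announcing the anycast address) is left to the site's routing setup.

```python
import secrets
import socket
import struct

def build_query(name, txid):
    """Encode a minimal recursive A query (RD bit set) for `name`."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def response_ok(reply, txid):
    """True only for a NOERROR response to our transaction id with an answer."""
    if len(reply) < 12:
        return False
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    return rid == txid and bool(flags & 0x8000) and (flags & 0x000F) == 0 and an > 0

def probe(server, name="example.com", timeout=1.0):
    """Query the resolver on `server` (the anycast address); False on any failure."""
    txid = secrets.randbelow(1 << 16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (server, 53))
            reply, _ = s.recvfrom(512)
        except OSError:  # timeout, unreachable, refused
            return False
    return response_ok(reply, txid)

class RouteGate:
    """Withdraw after `fall` failures in a row; re-announce after `rise` successes."""
    def __init__(self, fall=3, rise=2):
        self.fall, self.rise = fall, rise
        self.announced, self.streak = True, 0

    def update(self, healthy):
        if healthy == self.announced:
            self.streak = 0  # result agrees with current state
        else:
            self.streak += 1
            if self.streak >= (self.rise if healthy else self.fall):
                self.announced, self.streak = healthy, 0
        return self.announced

if __name__ == "__main__":
    gate = RouteGate()
    for result in (True, False, False, False, True, True):  # constructed probe results
        print(result, "->", "announce" if gate.update(result) else "withdraw")
```

The hysteresis keeps a single dropped probe from flapping the route, and requiring an actual answer catches the case where the box and its routing daemon are up but the nameserver is not resolving.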