[OT]multi-master DNS


Hello all,

We have quite a bit of environment on “cloud”. We are using our own domain names. For this purpose we stood up a BIND9 DNS instance on CentOS 7. And, this being the cloud, we enabled key based dynamic DNS for instances to register themselves when they are spun-up. We have a single master and multiple slaves. All is well, until master goes down and we need to spin-up additional instances. Single master has become somewhat of a bottleneck.

I have looked around, not able to find any solution, for a stable Multi-master DNS setup (outside of Windows AD).

Does anyone have any specific pointers?

-Thanks in advance

Vijay

4 thoughts on - [OT]multi-master DNS

  • I don’t know about anyone else, but in no way would I use Bind9 and DDNS for anything, multi-master or not. I’ve never had any kind of stable success with DDNS and Bind.

  • Bind does not have a method to do multi-master replication. All updates must be done via an intermediary service (database).

    In our case, we’ve used containers and Consul for providing a highly available DNS service. A container will fire up and race for the master lock. It will dump the contents of the database into its named configurations and assuming it has the lock will assume the IP address of the master. Others just come up as slaves.

    If the master lock is not renewed after a given period of time another container can acquire the lock and become master by assuming the IP address of master (VRRP/VRID/KeepAliveD)

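The lock race and takeover described in the comment above, modelled as an added example that is not part of the original thread or the poster's setup. The lock service (Consul in the comment) is replaced by an in-memory lease; `LeaseLock`, `DnsNode`, `simulate` and the 10-second TTL are hypothetical names and values constructed for illustration.

```python
# Added illustration: in-memory model of a TTL lease used for master election.
# LeaseLock stands in for the lock service; all names and timings are hypothetical.
from dataclasses import dataclass
from typing import Optional


@dataclass
class LeaseLock:
    ttl: float                      # seconds a lease stays valid without renewal
    owner: Optional[str] = None
    expires: float = 0.0

    def holder(self, now: float) -> Optional[str]:
        """Current lock holder, or None once the lease has lapsed."""
        return self.owner if now < self.expires else None

    def acquire_or_renew(self, node: str, now: float) -> bool:
        """Grant the lease if it is free, lapsed, or already held by `node`."""
        if self.holder(now) in (None, node):
            self.owner, self.expires = node, now + self.ttl
            return True
        return False


@dataclass
class DnsNode:
    name: str
    role: str = "slave"             # every container starts as a slave

    def tick(self, lock: LeaseLock, now: float) -> str:
        """One heartbeat: hold the master role only while the lease is ours."""
        self.role = "master" if lock.acquire_or_renew(self.name, now) else "slave"
        return self.role


def simulate() -> list:
    """Constructed timeline: a wins, stalls past the TTL, b takes over, a returns."""
    lock = LeaseLock(ttl=10.0)
    a, b = DnsNode("a"), DnsNode("b")
    log = []
    log.append((0, a.tick(lock, 0), b.tick(lock, 0)))      # a wins the race
    log.append((5, a.tick(lock, 5), b.tick(lock, 5)))      # a renews, lease ends at 15
    log.append((16, a.role, b.tick(lock, 16)))             # a stalled, b takes the lease
    log.append((17, a.tick(lock, 17), b.tick(lock, 17)))   # a resumes and must demote
    return log
```

The row at t=16 shows both nodes believing they are master: the stalled node only learns it lost the lease on its next heartbeat. The heartbeat interval therefore has to be well below the TTL, and a node whose renewal fails must release the master IP before serving further dynamic updates.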

  • Hi James,

    Do you have any more info on this setup? I’m in the middle of looking at changing our DNS service and was thinking of containerising them for the improved deployment flexibility it offers.

    Tris

    *************************************************************
    This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify postmaster@bgfl.org

    The views expressed within this email are those of the individual, and not necessarily those of the organisation
    *************************************************************

  • Sure! Feel free to contact me off list. We’re also looking at reengineering our DNS/DHCP infrastructure and some of the ideas might be good to discuss with you some of your ideas
