DNS – BIND: Redundant Master Nameservers


So I've googled around and can't find anything related to this. Clearly it has to happen, though. I can't imagine organizations that don't have redundant master servers. The common approach I've found on Google is to make the slave servers redundant, but that doesn't address the fact that if a master fails, a slave only works correctly for so long.

I have a set of DNS servers in my lab network: one master, two slaves, and two recursive-only servers.

The master does zone file transfers to the slaves, and is hidden. It does not accept queries or allow recursion, designed according to best practice documents I found on the Internet.

The slaves allow queries from the recursive-only servers, which have forwarders set to my ISP DNS, and the local slaves (for internal network resolution of VMs and such).

I'm planning on setting up another master server to enable high availability.

How do I go about doing this with BIND? I know I can set masters { server1; server2; }; in the configuration for the slaves, but how do I deal with having two masters?

  1. If there are conflicts in the zone files between the two masters, who takes precedence when transferring to the slaves?
  2. How do I define failover? If Master1 fails, the slaves will automatically try the second IP listed in the masters field, correct? So I shouldn't need to set anything up to have automatic failover?

EDIT: Here is a visual of my current setup: (I'd like to add one more master server)


Best Answer

In the case of dual masters, each one behaves independently; do you want the zones to be kept in sync?

There is no master that takes precedence. The parent DNS servers typically (and are expected to) randomize/rotate the order in which the nameservers for zones are presented, and client software typically queries them in the order they were received. (This might not be the case for some corner cases; I surmise where the parent is controlled and/or routing can be manipulated in conjunction with a CDN/multicast traffic.)

To do this you simply configure each server as a master, and don't have any "masters" line. I use a script to push out identical updates to masters.

You don't need to set up failover. The DNS clients will sequentially try nameservers if they don't get a response. That said, this is far from ideal to rely on clients, as it very noticeably slows DNS response times where the first server does not respond. Longer TTLs on SOA records can partially mitigate this.

As such, no master takes precedence; they are treated identically, although you might be able to weight this behaviour with differing TTLs for the SOA record and different serials. But I'd advise against this, as it might cause issues. I've never tried it, so I'm speaking theoretically, based on the understanding I got while learning this 20 years ago and subsequent practical experience running dual master servers.
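The answer's point that two independent masters are "treated identically" has a practical consequence for the asker's question 1: a slave never arbitrates between masters by name, it simply transfers from the first reachable master whose SOA serial is newer than its own copy (BIND compares serials with RFC 1982 wrap-around arithmetic). So the thing to monitor when you push identical updates to both masters is serial and content drift between them. The following drift checker is an added example, not code from the original post or from BIND. It assumes you have already copied the zone file from each master (for instance with the same push script, or with scp); here both copies are constructed inline, with hypothetical names `master1`/`master2` and the reserved 192.0.2.0/24 range, and master2 is deliberately one push behind.

```python
"""Detect SOA-serial and record drift between two independent BIND masters.

Added example (not from the original post). The zone texts below are
constructed; in practice, fetch /etc/bind/zones/<zone> from each master.
The parser is deliberately simple: it handles $-directives, ';' comments,
parenthesised SOA groups and inherited owners, but not quoted TXT data.
"""
from dataclasses import dataclass

SERIAL_SPACE = 2 ** 32
HALF = 2 ** 31


def serial_gt(a: int, b: int) -> bool:
    """RFC 1982 'a is newer than b', the comparison BIND applies to SOA serials."""
    a %= SERIAL_SPACE
    b %= SERIAL_SPACE
    return (a < b and b - a > HALF) or (a > b and a - b < HALF)


def _strip_comments_and_parens(text: str) -> str:
    """Drop ';' comments and join '( ... )' groups onto one logical line."""
    out, depth = [], 0
    for line in text.splitlines():
        line = line.split(";", 1)[0]
        for ch in line:
            if ch == "(":
                depth += 1
                out.append(" ")
            elif ch == ")":
                depth = max(depth - 1, 0)
                out.append(" ")
            else:
                out.append(ch)
        out.append(" " if depth > 0 else "\n")
    return "".join(out)


@dataclass(frozen=True)
class ZoneSnapshot:
    master: str
    serial: int
    records: frozenset  # (owner, rtype, rdata) with the SOA serial blanked out


def parse_zone(master: str, text: str) -> ZoneSnapshot:
    """Parse a master-file zone into a comparable snapshot."""
    serial, records, owner = None, set(), "@"
    for line in _strip_comments_and_parens(text).splitlines():
        if not line.strip() or line.lstrip().startswith("$"):
            continue
        if line[0].isspace():          # blank owner: inherit the previous one
            tokens = line.split()
        else:
            owner, *tokens = line.split()
        # drop optional TTL and class so "3600 IN A" and "A" compare equal
        while tokens and (tokens[0].isdigit() or tokens[0].upper() == "IN"):
            tokens.pop(0)
        if not tokens:
            continue
        rtype, rdata = tokens[0].upper(), tokens[1:]
        if rtype == "SOA":
            serial = int(rdata[2])
            rdata = rdata[:2] + ["<serial>"] + rdata[3:]   # compared separately
        records.add((owner, rtype, tuple(rdata)))
    if serial is None:
        raise ValueError(f"{master}: zone has no SOA record")
    return ZoneSnapshot(master, serial, frozenset(records))


def compare_masters(first: ZoneSnapshot, second: ZoneSnapshot) -> dict:
    """Report which master is ahead and which records exist on only one of them."""
    if first.serial == second.serial:
        ahead = None
    else:
        ahead = first.master if serial_gt(first.serial, second.serial) else second.master
    return {
        "serial_match": first.serial == second.serial,
        "ahead": ahead,
        "content_match": first.records == second.records,
        "only_on_first": sorted(first.records - second.records),
        "only_on_second": sorted(second.records - first.records),
    }


def slave_outcome(slave_serial: int, reachable: list) -> tuple:
    """Simplified model of a refresh: the slave walks its masters{} list and
    transfers from the first reachable master whose serial is newer than its own;
    masters that are not newer are skipped. No master 'takes precedence'."""
    for m in reachable:
        if serial_gt(m.serial, slave_serial):
            return (m.master, m.serial)
    return ("slave keeps current copy", slave_serial)


# Constructed sample: master2 missed the last push (serial behind, vm2 absent).
ZONE_MASTER1 = """\
$TTL 3600
@   IN SOA ns1.lab.example. hostmaster.lab.example. (
        2024060102 ; serial
        3600       ; refresh
        900        ; retry
        604800     ; expire
        300 )      ; negative-cache TTL
    IN NS  ns1.lab.example.
    IN NS  ns2.lab.example.
ns1 IN A   192.0.2.11
ns2 IN A   192.0.2.12
vm1 IN A   192.0.2.51
vm2 IN A   192.0.2.52
"""
ZONE_MASTER2 = ZONE_MASTER1.replace("2024060102", "2024060101").replace(
    "vm2 IN A   192.0.2.52\n", "")


def main() -> None:
    m1 = parse_zone("master1", ZONE_MASTER1)
    m2 = parse_zone("master2", ZONE_MASTER2)
    report = compare_masters(m1, m2)
    print(f"serials: {m1.serial} / {m2.serial}  ahead: {report['ahead']}")
    print("only on master1:", report["only_on_first"])
    print("only on master2:", report["only_on_second"])
    print("slave at serial 2024060101 would sync from:", slave_outcome(2024060101, [m2, m1]))


if __name__ == "__main__":
    main()
```

Run it after each push (or from cron) and alert when `serial_match` or `content_match` is false; on the slaves, list both masters in the question's `masters { ...; };` statement so that either one can serve the refresh. Note that a lower-serial master is harmless only while its content is the same as the higher one's: if an edit is ever made on the lagging master with a serial bump, that copy becomes the newest and will be the one the slaves pull, which is why the answer recommends scripting identical updates rather than editing either master by hand.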
