1 distributed dns best practices to build redundant, reliable architecture by ladislav vobr...

Report

Tags:

Post on 26-Dec-2015

220 Views

Category:

Documents

3 Downloads

Preview:

Click to see full reader

TRANSCRIPT

1

Distributed DNS

best practices to build redundant, reliable architecture

By Ladislav Vobr SE/SOP/I&eS,Etisalat

2

Outline

• Introduction• Different DNS roles• Authoritative• Caching• ccTLD• Internal• Best Practices / Recommendations• Increasing the availability• L4-7 switching / Anycast• Service Monitoring• Latest DNS Features Trends• Conclusion

3

Introduction

• What is DNS?

• DNS & Internet

• The Importance of DNS Service

4

Different DNS roles

• Authoritative/non-recursive

• Caching/Recursive

• ccTLD

• The Root Servers

• Recursive

5

Best Practices

• Separate geographically

• Separate the functionality

• Separate Access

• Use well defined SOA, TTL

• Use consistent NS records

6

Scaling performance / Availability

• Authoritative only servers- Build it mechanism using RTT

• Caching Services- Scaling vertically - brings huge cost & doesn’t improve

availability- Scaling horizontally – reduce the cost, but needs some

configuration

a) Cluster (one active / one standby ) b) L4-7 switches (complicated, more features)c) ANYCAST (simple / simple balancing)

7

L4-7 switching

• Better l4-7 filtering

• Better load distribution

• Geographical failover not standarized

• Complicated management

• Another point of failure (two switches required)

8

Anycast Routing

• Simple idea• Using standard protocols• Supports broad range of routing protocols• Simple load balancing only• Not able to filter traffic based on l4-7• Acts as a router, easy troubleshooting• No additional hardware required• Free tools available / zebra / ospfd ….

9

Important features in Bind

• TSIG/DNSSEC

• NOTIFY

• NSUPDATE

• IDN

• IPV6

• RNDC FLUSH

• RNDC RECURSING

10

Service Monitoring

• Monitor CPU

• Monitor Number of REQUESTS

• Monitor Recursive QUEUE

• Monitor Traffic Rates

• Monitor BOGUS servers

11

Popular links

• http://www.isc.org

• http://www.bind9.org

• http://www.bind.org

• http://zebra.org

• http://rrdtool.de

• Mailing list: bind-users@isc.org

12

Thank You

top related

0!12$/+3)-/+%2!(& - etisalat channel partner | etisalat
Documents
marketing presentation on etisalat
Documents
ladislav bares - uniwersytet warszawski
Documents
emirates telecommunications corporations etisalat ·...
Documents
ladislav prokes the player's composer
Documents
etisalat afghanistan
Education
etisalat regulations
Documents
business development manager- government & education ·...
Documents
ladislav pecen
Documents
avaya etisalat sip
Documents
etisalat lanka industrial report
Documents
etisalat casestudy
Documents
finance & accounting - etisalat academy
Documents
02 etisalat fttx seminar
Documents
ladislav brezovnik
Documents
etisalat annualreport2014 english
Documents
etisalat misr - · pdf filespectrum resources assigned for...
Documents
computerized real time tuning ladislav Šipeky ladislav...
Documents
airport security 2013 ladislav kaspar
Technology
application for .brand tld designation for tld...
Documents