[Janus / twin Alix2] #4 Twin DNS & DHCP servers
July 12, 2015 at 9:29 am #44331
PatrickB
Hello.
Today I give you my solution for having a backup DNS & DHCP server on my LAN, in the context of twin LAN Masters.
The goal is to have a valid solution, handy to maintain, that keeps the services up in case the prime is off for a long time (hardware issue…).
Solution for the DHCP server
It is trivial, the prime and backup servers have the same settings except the IP ranges, which must not conflict, of course…
We cannot choose which DHCP will handle a given client, but it does not matter: there is one and they serve the same information.
If I needed a large IP range, the servers would share it, and then only one should be active at a time:
– the backup DHCP would need to be switched on/off through a script,
– potential conflicts when leases are renewed on the other server with its list reset…
Solution with a slave DNS server
This is easy to set up, but the slave DNS server is a read-only copy of the prime. The ZS GUI does not allow editing it.
In case the prime server is off for a long time and some change is needed in the zone, how can that be done?
For this reason I prefer to have 2 clone prime DNS servers, with a solution to avoid conflicts and easily replicate the settings of the zone.
Solution with 2 clone DNS servers
In the next post I will show how I easily replicate the whole DNS zone.
The active LAN Master is the gateway and traditionally uses the IP .1, so the twin servers both have a different administrative IP address that is always up:
– prime, named Janus1, uses .11,
– backup, named Janus2, uses .12.
💡 Then both have .1 preset but only the active one has it up,
…and finally the zone is actually controlled by “Janus”, the one using .1, as defined below (this is LDIF extraction, see the next post):
# @, mydomain, lan, DNS, mydomain.lan
dn: relativeDomainName=@,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: @
zoneName: mydomain.lan
mXRecord: 10 mail.mydomain.lan.
nSRecord: janus.mydomain.lan.
sOARecord: janus.mydomain.lan. reports.mail.mydomain.lan. 2014040102 86400 7200 3600000 172800
# janus, mydomain, lan, DNS, mydomain.lan
dn: relativeDomainName=janus,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: janus
zoneName: mydomain.lan
aRecord: 192.168.xxx.1
pTRRecord: janus.mydomain.lan.
tXTRecord: "Either Janus1 or Janus2"
# janus1, mydomain, lan, DNS, mydomain.lan
dn: relativeDomainName=janus1,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: janus1
zoneName: mydomain.lan
aRecord: 192.168.xxx.11
pTRRecord: janus1.mydomain.lan.
tXTRecord: "MyDomain's LAN Master (prime)"
hInfoRecord: "Alix 2D13" "Zeroshell"
# janus2, mydomain, lan, DNS, mydomain.lan
dn: relativeDomainName=janus2,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: janus2
zoneName: mydomain.lan
aRecord: 192.168.xxx.12
pTRRecord: janus2.mydomain.lan.
tXTRecord: "MyDomain's LAN Master (backup)"
hInfoRecord: "Alix 2D13" "Zeroshell"
This makes the zone generic, and once the prime server has been disconnected, just switching the IP .1 up on the backup server makes it the LAN Master.
Then in a later post it will be done automatically, of course, using: ifconfig BRIDGE01:00 up or down
Hmmm… 😕 I found a little issue, due to the switch connected to the twin servers:
When I unplug the prime and then switch the IP .1 up on the backup server, the switch does not understand the change immediately, so the .1 no longer pings from the LAN 👿
Just unplugging/replugging the backup server suffices to reroute the .1, but I hope I will find a better solution than switching the whole NIC off/on to force it…
Now the essential continuation of this is the next post: how to easily backup, restore and replicate parts of the LDAP database.
Hope it can help someone.
Ideas for improvements are welcome.
Best regards.
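The "generic zone" idea above rests on one invariant: the SOA MNAME and the NS record of the apex must name the floating host (janus), and that host's A record must be the shared .1 address, while janus1/janus2 keep their own administrative addresses. The script below is an added example (not PatrickB's code and not part of ZeroShell) that checks this invariant over an LDIF export of the zone with awk, so it can be run after every replication before the backup is trusted to take over. The embedded LDIF is a constructed sample modelled on the extract in the post, with 192.168.1.x standing in for the redacted 192.168.xxx.x; the function name check_zone_ldif is my own.

```shell
#!/bin/sh
# Added example: verify that a ZeroShell DNS zone exported as LDIF is "generic",
# i.e. the apex delegates to the floating name that owns the shared .1 address.
# Not part of the original post; the sample LDIF below is constructed.

# check_zone_ldif FILE FLOAT_IP
#   returns 0 when: some record's aRecord == FLOAT_IP, and both the apex NS
#   record and the SOA MNAME equal "<that name>.<zone>."
check_zone_ldif() {
    file="$1"; float="$2"
    zone=$(awk '/^zoneName:/ {print $2; exit}' "$file")
    ns=$(awk '/^nSRecord:/ {print $2}' "$file")
    soa=$(awk '/^sOARecord:/ {print $2}' "$file")   # $2 of the SOA line is MNAME
    # Remember the last relativeDomainName seen, emit it when its aRecord matches.
    owner=$(awk -v ip="$float" \
        '/^relativeDomainName:/ {n=$2}; /^aRecord:/ && $2==ip {print n}' "$file")
    [ -n "$owner" ] || { echo "no record owns $float"; return 1; }
    fqdn="$owner.$zone."
    [ "$ns" = "$fqdn" ]  || { echo "NS is $ns, expected $fqdn"; return 1; }
    [ "$soa" = "$fqdn" ] || { echo "SOA MNAME is $soa, expected $fqdn"; return 1; }
    echo "zone $zone is controlled by $fqdn"
}

# Constructed sample zone, modelled on the post's extract (addresses are placeholders).
SAMPLE_LDIF=$(mktemp)
cat >"$SAMPLE_LDIF" <<'EOF'
dn: relativeDomainName=@,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: @
zoneName: mydomain.lan
mXRecord: 10 mail.mydomain.lan.
nSRecord: janus.mydomain.lan.
sOARecord: janus.mydomain.lan. reports.mail.mydomain.lan. 2014040102 86400 7200 3600000 172800

dn: relativeDomainName=janus,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: janus
zoneName: mydomain.lan
aRecord: 192.168.1.1
pTRRecord: janus.mydomain.lan.

dn: relativeDomainName=janus1,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: janus1
zoneName: mydomain.lan
aRecord: 192.168.1.11
pTRRecord: janus1.mydomain.lan.

dn: relativeDomainName=janus2,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: janus2
zoneName: mydomain.lan
aRecord: 192.168.1.12
pTRRecord: janus2.mydomain.lan.
EOF

# Usage: check_zone_ldif "$SAMPLE_LDIF" 192.168.1.1   -> exit 0, zone is generic
#        check_zone_ldif "$SAMPLE_LDIF" 192.168.1.11  -> exit 1, apex does not point at janus1
```

Running the second form is a useful negative test: it shows that if someone edits the apex to point at janus1 directly, the check fails, which is exactly the configuration that would break the takeover by the backup.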
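The takeover step (bringing the .1 alias up with ifconfig) and the switch problem described at the end of the post are the classic IP failover situation: after the address moves, the switch's forwarding table and the neighbours' ARP caches still map .1 to the prime's MAC until they time out or see traffic from the new host. The standard remedy is to send a few gratuitous ARP announcements right after raising the alias, which is what unplugging/replugging the NIC triggers as a side effect. The script below is an added example of that (my own code, not PatrickB's and not a ZeroShell feature); it assumes the BRIDGE01:00 alias from the post, placeholder values for the address and netmask, and that the iputils arping binary (flags -U, -c, -I) is present on the box, which should be verified with "which arping" first. DRY_RUN is a switch I added so the command sequence can be inspected without touching interfaces.

```shell
#!/bin/sh
# Added example: take over the shared ".1" address on the backup LAN Master and
# announce it with gratuitous ARP. Not part of the original post.
# Assumptions: alias BRIDGE01:00 (from the post), placeholder IP/netmask below,
# and iputils "arping" available on the ZeroShell box.

IFACE="${IFACE:-BRIDGE01}"              # bridge interface used in the post
FLOAT_IP="${FLOAT_IP:-192.168.1.1}"     # shared ".1" address (placeholder)
NETMASK="${NETMASK:-255.255.255.0}"     # placeholder
PING_TRIES="${PING_TRIES:-3}"           # probes before declaring the prime dead
DRY_RUN="${DRY_RUN:-}"                  # non-empty: print commands instead of running them

# run: execute a command, or print it when DRY_RUN is set.
run() {
    if [ -n "$DRY_RUN" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# float_is_local: 0 when this host already holds the floating address on the alias.
float_is_local() {
    ifconfig "$IFACE:00" 2>/dev/null | grep -q "$FLOAT_IP"
}

# prime_answers: 0 when something still answers pings on the floating address.
prime_answers() {
    ping -c "$PING_TRIES" -W 1 "$FLOAT_IP" >/dev/null 2>&1
}

# take_over: raise the alias, then send three gratuitous ARP announcements so the
# switch and every host on the LAN relearn the MAC behind .1 immediately.
take_over() {
    run ifconfig "$IFACE:00" "$FLOAT_IP" netmask "$NETMASK" up
    run arping -U -c 3 -I "$IFACE" "$FLOAT_IP"   # -U: unsolicited (gratuitous) ARP
}

# release: drop the alias when handing the role back to the prime.
release() {
    run ifconfig "$IFACE:00" down
}

# failover_check: take over only when nobody answers on .1 and we do not hold it yet.
# Order matters: if we already hold .1, our own pings would succeed and mask the outage.
failover_check() {
    if float_is_local; then
        echo "already master"
        return 0
    fi
    if prime_answers; then
        echo "prime alive"
        return 0
    fi
    take_over
}

# Usage: failover.sh check | takeover | release   (run "check" from cron on the backup)
case "${1:-}" in
    check)    failover_check ;;
    takeover) take_over ;;
    release)  release ;;
esac
```

Two caveats a practitioner would add: the prime must run the mirror of this logic (release .1, or never raise it, while the backup answers on it) or both boxes will hold .1 after the prime returns; and a ping-based liveness test cannot distinguish a dead prime from a LAN split, so a second probe path (the .11 administrative address) is worth adding before declaring the prime gone.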