On Mon, Feb 27, 2012 at 12:09 PM, Jared Mauch <jared@puck.nether.net> wrote:
> On Feb 27, 2012, at 10:28 AM, William Herrin wrote:
>
>> How DNS is designed to work and how it actually works is not the same. Look up "DNS Pinning" for example. For most kinds of DR you need IP level failover where the IP address is rerouted to the available site.
>
> I never claimed your response would be perfect, but it will certainly work well enough to avoid major problems.
No, actually, it won't. In practice, most end user applications disregard the DNS TTL.

In some cases this is because of carelessness: the application does a gethostbyname once when it starts, grabs the first IP address in the list and retains it indefinitely. The gethostbyname function doesn't even pass the TTL to the application. Ntpd is/used to be one of the notable offenders, continuing to poll the dead address for years after the server moved.

In other cases disregarding the TTL was a deliberate design decision. Web browser DNS Pinning is an example of this. All modern web browsers implement a form of DNS Pinning where they refuse to try an alternate IP address for a web server on subsequent TCP connections after making the first successful contact. This plugs a javascript security leak where a client side application could be made to scan the interior of its user's firewall by switching the DNS back and forth between local and remote addresses. In some cases this stuck-address behavior can persist until the browser is completely closed and reopened, possibly when the PC is rebooted weeks later.

The net result is that when you switch the IP address of your server, a percentage of your users (declining over time) will be unable to access it for hours, days, weeks or even years regardless of the DNS TTL setting.

This isn't theoretical, by the way. I had to renumber a major web site once. 1 hour TTL at the beginning of the process. Three month overlap in which both addresses were online and the DNS pointed to the new one. At the end of the three months a fraction of a percent of the *real user traffic* was _still_ coming in on the obsolete address. Using the correct name in the Host: header, so the user wasn't deliberately picking the IP address.

If you want DR that *works*, reroute the IP address.

Regards,
Bill Herrin

--
William D. Herrin ................ herrin@dirtside.com  bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004