Two DNS servers with one IP address

Michael W. Oliver michael at gargantuan.com
Thu Jun 26 23:32:05 PDT 2003


+--- On Thursday, June 26, 2003 13:20,
| Alfonso Romero proclaimed:
|
| Thanks for your reply. The reason I wanted to have two DNS servers is
| because I want to register several domains and don't want to depend on an
| external DNS service, but I found out the two DNS servers required by
| Internic must be physically separated also, so I'll have to ask someone
| else to host my secondary DNS server, or stick with the available DNS
| options. I just wondered if it could be possible to have two DNS servers
| inside a LAN, behind a FreeBSD box with NAT.
|
| Regards,
|
| Alfonso Romero

Alfonso,

If you are thinking of running named on serverA and serverB (both in RFC1918 
space), and have them both use one globally routable IP address, there is a 
way.  I did this for a while before getting external secondary services.  
Here is what I did:

1) go to http://www.bsdshell.net/hut_fvrrpd.html and read about the HUT 
project.  Very interesting.

2) cd /usr/ports/net/freevrrpd && make install distclean

3) read the configuration stuff for vrrpd (if you are like me, read twice), 
and configure the daemon on both servers.

Now, say serverA is 192.168.0.51, and serverB is 192.168.0.52, and your VRRP 
address will be 192.168.0.50.  Just make sure that your VRRP configuration 
is correct, but that isn't all.  When the VIP moves from the primary 
machine to the backup machine, named won't give a crap.  It won't listen on 
the new IP alias (in my case anyway, YMMV).  I created a script that 
triggers on a VRRP state change that would kill named and then restart it 
once the new IP alias was installed (my script also installed a (V)IPv6 
alias upon master election... not sure if that is important to you).  Of 
course, make sure that natd on your gateway is forwarding DNS stuff to 
192.168.0.50.

I work with Cisco IOS constantly, and HSRP is easy to take for granted.  It
is beyond cool to be able to do the same thing with the servers themselves.

Not saying that this is the best solution, but it worked for me.

-- 
+-------------------------------------+------------------------------+
|       Michael W. Oliver, CCNP       | "The tree of liberty must be |
|         IPv6 & FreeBSD mark         | refreshed from time to time  |
|       michael at gargantuan.com        | with the blood of patriots   |
|   http://michael.gargantuan.com/    | and tyrants."                |
|  ASpath-tree, Looking Glass, etc.   | - President Thomas Jefferson |
|                                     +------------------------------+
|      gpg key - http://michael.gargantuan.com/gnupg/pubkey.asc      |
+--------------------------------------------------------------------+
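
A sketch of the kind of state-change hook the message describes, added here as an example; it is not the poster's script and not part of freevrrpd. It assumes the VRRP daemon runs it with `master` or `backup` as its first argument and that `NAMED_RESTART` (a hypothetical variable) holds whatever command restarts named on your system. Instead of restarting blindly, it waits for the VIP alias and restarts named only if it is not already listening on 192.168.0.50:53 over both UDP and TCP.

```shell
#!/bin/sh
# Added example (not the poster's script): state-change hook for the setup above.
# Assumptions: the VRRP daemon runs this with "master" or "backup" as $1, and
# NAMED_RESTART is however named is restarted on your system.
VIP="${VIP:-192.168.0.50}"                       # VRRP address from the post
NAMED_RESTART="${NAMED_RESTART:-service named restart}"

# stdin: `ifconfig` output. Succeeds once the VIP alias is installed.
has_addr() {
    awk -v ip="$1" '$1 == "inet" && $2 == ip { found = 1 } END { exit !found }'
}

# stdin: `sockstat -4 -l` output. Succeeds only if named holds both a UDP and
# a TCP listener on <addr>:53 (or the wildcard), since DNS needs both.
named_listens_on() {
    awk -v want="$1:53" '
        $2 == "named" && ($6 == want || $6 == "*:53") {
            if ($5 ~ /^udp/) udp = 1
            if ($5 ~ /^tcp/) tcp = 1
        }
        END { exit !(udp && tcp) }'
}

main() {
    [ "$1" = "master" ] || return 0              # nothing to do when giving up the VIP
    tries=0
    until ifconfig | has_addr "$VIP"; do         # wait for the alias to appear
        tries=$((tries + 1))
        [ "$tries" -lt 10 ] || { echo "VIP $VIP never appeared" >&2; return 1; }
        sleep 1
    done
    if sockstat -4 -l | named_listens_on "$VIP"; then
        return 0                                 # already bound, leave named alone
    fi
    $NAMED_RESTART || return 1
    sleep 2
    sockstat -4 -l | named_listens_on "$VIP" ||
        { echo "named still not listening on $VIP:53" >&2; return 1; }
}

case "${1:-}" in master|backup) main "$1" ;; esac
```

A non-zero exit means the VIP is up but nothing is answering DNS on it, which is worth alerting on because natd would be forwarding queries to a dead address.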