DNS, what is the order in which clients select ns records?
There is site.ru, deployed on 3 servers at once, the 1st main, 2 and 3 backups, let's say a day ago. Each server has its own dns server that points to itself in the A record.
The following ns records are installed in dns, and each has its own A record
ns1.site.ru 10.0.0.1 A record 10.0.0.1
ns2.site.ru 10.0.0.2 A record 10.0.0.2
ns3.site.ru 10.0.0.3 A record 10.0.0.3
Is the scheme true that all users requesting the site will receive all 3 ns of the server, and take the A record in order, that is, if ns1 is available, everyone will receive the A record 10.0.0.1 and only it. If the 1st server is unavailable, everyone will go to ns2, and if that one is already unavailable, then to ns3. As soon as the first server rises, all clients will return only to it.
That is, whether the order of ns servers is respected or the client takes a random one and such a scheme will not work. Thus it would be desirable to organize simple fault tolerance on dns.
PS The task is to secure availability, which does not require complex replication schemes and clusters, and strict data updating.
Takes random.
Therefore, you need to proxy traffic from the backup to the main one, and when it drops, start giving the stub (or whatever you have) directly.
Google round robin for DNS. You can’t set up a full-fledged ON through DNS, it doesn’t care.
In any case, you need to have permanent server addresses in DNS, on which to balance using DNS, if necessary, and from which to proxy to the main / backup servers, as already noted in the answers, but I want to add a little for the sake of completeness.
You also need to take into account that client / provider servers cache requests, sometimes for a very long time, so there will be no calls to your NS. In addition, it is not clear how long the chain of servers to you is; they can cache anything along the way. By default, BIND caches for a maximum of a week, for example.
I also went through RFC 1034 diagonally and found this important: "The order of RRs in a set is not significant, and need not be preserved by name servers, resolvers, or other parts of the DNS." Or: "Since the DNS does not preserve the order of RRs, this function may choose to sort the returned addresses or select the "best" address if the service returns only one choice to the client."
In general, you definitely cannot rely on a certain order anywhere.
A couple of examples:
For example, Google uses balancing: their NS returns one address with a small TTL (300). Here is the reaction of various servers to this: my named by default returns this, and until the TTL expires, it shows one record; 4.2.2.1 displays many A records at once with different small TTLs; 8.8.8.8 just doesn't cache, gives it to one address.
Regarding NS, you can try dig @8.8.8.8 ya.ru NS
and make sure that the order is any.
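
The effect these answers describe, as an added simulation that is not code from the thread: it models the question's three name servers, each answering with an A record for its own address, and shows where caching resolvers end up as ns1 fails and recovers. Assumptions: resolvers pick a name server uniformly at random and honour a 300-second TTL; the resolver count, timeline and function names are constructed for illustration.

```python
import random
from collections import Counter

# Constructed model of the question's setup: every name server hands out
# an A record that points at its own machine.
NS_ANSWERS = {
    "ns1.site.ru": "10.0.0.1",
    "ns2.site.ru": "10.0.0.2",
    "ns3.site.ru": "10.0.0.3",
}

def resolve(up, rng):
    """Try the NS set in random order (RFC 1034: RR order is not significant)
    and return the A record from the first server that answers."""
    servers = list(NS_ANSWERS)
    rng.shuffle(servers)
    for ns in servers:
        if ns in up:
            return NS_ANSWERS[ns]
    return None  # every name server is down

def simulate(timeline, resolvers=3000, ttl=300, seed=1):
    """timeline: list of (time_in_seconds, set of reachable name servers).
    Each caching resolver keeps an answer until its TTL expires.
    Returns one Counter per timeline entry: address -> number of resolvers."""
    rng = random.Random(seed)
    cache = [(None, 0)] * resolvers          # (address, expiry time)
    history = []
    for now, up in timeline:
        for i, (addr, expires) in enumerate(cache):
            if addr is None or now >= expires:
                cache[i] = (resolve(up, rng), now + ttl)
        history.append(Counter(addr for addr, _ in cache))
    return history

ALL = set(NS_ANSWERS)
TIMELINE = [                       # constructed outage scenario
    (0, ALL),                      # everything healthy
    (60, ALL - {"ns1.site.ru"}),   # main server fails, caches still valid
    (360, ALL - {"ns1.site.ru"}),  # caches expired, ns1 still down
    (420, ALL),                    # ns1 is back, caches still valid
    (720, ALL),                    # caches expired with ns1 back
]

if __name__ == "__main__":
    for (now, up), seen in zip(TIMELINE, simulate(TIMELINE)):
        print(f"t={now:>3}s up={sorted(up)} -> {dict(seen)}")
```

With all three servers healthy, roughly a third of resolvers land on each address, so the "backup" machines carry production traffic from the start; after ns1 fails, about a third keep using the dead address until their cached answer expires.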