Multi-Server Setup with two masters? (NS1 master and NS2 master)

[InTheWoods]

I'm trying to come up with a sane solution to DNS management. Currently we have every shared hosting server with it's own unique nameservers, different than other shared hosting servers. DNS is hosted locally on each one.

Because DNS is hosted locally, until now, we've seen little reason to assign two unique IPs for each NS entry since it offers no real benefit despite being 'proper', both unique IPs would be doing DNS lookups from the same server so it just seemed silly to proceed with that and waste an IP address.

However, recently, a client has stated that they're unable to use our nameservers due to this, as their registrar requires each NS1 / NS2 nameserver to have a unique IP.

So if I'm going to update any DNS settings or make any DNS related 'upgrades', I might as well go all in and just fix this problem for all servers and upgrade the DNS enough market it as an upgrade (Geographically diverse, DDoS protected DNS). So here is what I want to do now.

Two MSS masters. One for NS1, one for NS2. They'd be in separate locations geographically and actually offer DNS redundancy. Then all slave servers being able to have their accounts use ns1/ns2.master-server.com for DNS with all records syncing between all slaves and the two NS1 and NS2 master servers.

Possible?

 

[cjd]

If the built in dns cluster system doesn't work for you, there are other options.

For customers not in our infrastructure that want their own DNS, I use DirectSlave, it's been working fine. Have only used it as a single additional node, not sure how it scales.

DirectSlave :: secondary DNS for DirectAdmin™ powered servers

directslave.com

We wrote our own scripts ages ago that use the dns_create_post.sh/dns_delete_post.sh/etc custom scripts to our multi node dns cluster (shows up as 4 nodes but it's actually more). Also use dns notify/transfer, so changes show up immediately when customers make changes (and eliminate LetsEncrypt wildcard certificate problems).

 

[Richard G]

as their registrar requires each NS1 / NS2 nameserver to have a unique IP.

Which is logical, because that is working correctly according to RFC's. Using 2 nameservers on 1 ip is not done and amateuristic. Can be used in the beginning to start business, or on hobby vps but should not be done for commercial hosting.

You can use a seperate VPS with Directadmin personal license in nameserver mode, or like @cjd mentioned use directslave, also workins fine.

 

[InTheWoods]

Thanks for the feedback everyone.

We use 'proper' DNS clustering for other products, but was unaware that DA allows for what appears to be a seamless setup of multiple master DNS servers. Since DNS is (soon to be 'was') being served from each individual shared hosting server, there was no 'technical' or 'performance' benefit in having two different IPs used for each ns1/ns2. If NS1 isn't responding, NS2 wouldn't respond regardless if it had it's own unique IP in that case so it seemed pointless to assign it one.

Anyhow, going to spin up 2 or 3 VPSes out of our network with DDoS protection and take the multi server setup for a test drive. This way it'll be a proper setup.

Thanks all!

 

[Richard G]

NS2 wouldn't respond regardless if it had it's own unique IP in that case so it seemed pointless to assign it one.

Correct, but if you have multiple servers, you could use ip 2 of server 2, as ns2 for server 1 and vice versa, this way it's not pointless and is a technical benefit. Maybe interesting for users reading this (now or in the future).

 

[InTheWoods]

Just an update:

Was a pretty simple process offloading and syncing records. All good, improved and proper now.