Bind9: balancing by client ip (even/odd)
For some reason I need to balance clients 50/50 between 2 datacenters.
But if a client sends a GET request to datacenter 1 (DC1), all following requests need to go to the same DC1. Only if DC1 is down are they sent to DC2.
The simplest way is to split clients by their IP (odd/even).
So we need two Bind9 services on one server.
The first Bind9 will answer that www.example.org is in DC1, the second that it is in DC2.
For example, the first named.conf:

    zone "example.com" {
        type master;
        file "/etc/bind/db.example.com";
    };
    ....
Zone:

    cat /etc/bind/db.example.com
    ; example.com
    $TTL 604800
    @   IN  SOA ns1.example.com. root.example.com. (
                2016020201  ; Serial
                604800      ; Refresh
                86400       ; Retry
                2419200     ; Expire
                604800 )    ; Negative Cache TTL
    ;
    @   IN  NS  ns1
        IN  MX  10 mail
        IN  A   192.0.2.100
    ns1 IN  A   192.0.2.10
On the second Bind9:

    zone "example.com" {
        type master;
        file "/etc/bind2/db.example.com";
    };
    ....
Zone:

    cat /etc/bind2/db.example.com
    ; example.com
    $TTL 604800
    @   IN  SOA ns1.example.com. root.example.com. (
                2016020201  ; Serial
                604800      ; Refresh
                86400       ; Retry
                2419200     ; Expire
                604800 )    ; Negative Cache TTL
    ;
    @   IN  NS  ns1
        IN  MX  10 mail
        IN  A   192.0.3.100
    ns1 IN  A   192.0.3.10
On my Debian server I created a second init script for bind9:

    cp /etc/init.d/bind9 /etc/init.d/bind92

And changed the defaults:

    cat /etc/default/bind92
    # run resolvconf?
    RESOLVCONF=no
    # startup options for the server
    OPTIONS="-u bind -c /etc/bind2/named.conf"
.
.
.
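Add the firewall rules:

    # even client IP (last bit of the source address is 0) -> first Bind9
    iptables -t nat -A PREROUTING -i eth0 -s 0.0.0.0/0.0.0.1 -p udp --dport 53 -j DNAT --to-destination 127.0.0.1:53
    # odd client IP (last bit of the source address is 1) -> second Bind9
    iptables -t nat -A PREROUTING -i eth0 -s 0.0.0.1/0.0.0.1 -p udp --dport 53 -j DNAT --to-destination 127.0.0.1:54
    # allow packets arriving on eth0 to be DNATed to 127.0.0.1
    sysctl -w net.ipv4.conf.eth0.route_localnet=1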
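
How the two -s matches above split clients, as an added example that is not part of the original post: iptables compares (source AND mask) with (rule address AND mask), so the mask 0.0.0.1 tests only the last bit of the client address. The function names and the sample client addresses are made up for the illustration; octets are assumed to be written without leading zeros.

```sh
#!/bin/sh
# Added example (not from the original post): evaluates the page's two
# "-s addr/mask" matches the way iptables does, first matching rule wins.

# Dotted quad -> 32-bit integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# True when source address $1 matches the rule spec "addr/mask" in $2.
src_matches() {
    src=$(ip2int "$1")
    net=$(ip2int "${2%/*}")
    mask=$(ip2int "${2#*/}")
    [ $(( src & mask )) -eq $(( net & mask )) ]
}

# The page's rules, in the order they are appended: "source-spec DNAT-target".
RULES='0.0.0.0/0.0.0.1 127.0.0.1:53
0.0.0.1/0.0.0.1 127.0.0.1:54'

# Print the DNAT target selected for client IP $1.
dnat_target() {
    echo "$RULES" | while read -r spec target; do
        if src_matches "$1" "$spec"; then
            echo "$target"
            break
        fi
    done
}

# Constructed sample clients (documentation ranges), not taken from the page.
CLIENTS='198.51.100.10 198.51.100.11 203.0.113.7 203.0.113.254'

for ip in $CLIENTS; do
    printf '%-15s -> %s\n' "$ip" "$(dnat_target "$ip")"
done
```

The mapping depends only on the source address the server sees, so a client keeps its instance for as long as it queries from the same address.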
You also need to enable EDNS, so that larger answers still fit in a UDP response. The DNAT rules above match only UDP, so a query sent over TCP is not redirected by them.

    dig @127.0.0.1 +noall +comments +bufsize=1 query
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60508
    ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096