How to create weighted DNS A-records



I've got a website that's hooked up to the internet with two WAN connections. I want to use the multiple WAN connections in a failover setup. I have the WAN connections configured on the router on my end, but I'm unsure about how to set up the DNS to have my clients access the page. I have an A record pointing at the primary WAN connection, and it would make sense just to add the second WAN connection as another A-record, however, this will give me round-robin DNS, which I don't want. I only want traffic to come in on the secondary connection if the primary connection is unavailable.

This is simple to do with MX records, since you can assign a weight to each record, and mail will flow through the record with the lowest weight unless it is unreachable, at which point it will try the second MX record (if it has a higher weight, that is).

Is there any equivalent or method to do something similar to the weighted MX records for A records?


No - there is no way to do this with standard DNS; you cannot set priority on A records like you can with MX. This is a service provided by some DNS services though - for example, dyndns provides this service, and zoneedit provides it as well. Who is hosting your DNS?

--

zoneedit failover feature

http://www.zoneedit.com/doc/faq.html#fo

Failover monitoring service works when you have two or more web servers running the same (or similar) web site.

* First, you need the IP address for your domain, and get it working - then you add the failover monitor.

* The failover monitor watches your web server(s) by hitting a URL you specify and looking for text in the results.

* When the system detects that one of them is having an error, and the others aren't, it pulls the IP address out of the list.

* If none of the IPs are responding and you have a failure IP/URL defined, then it points the site to the failure IP/URL.

* If the system can't get to all of the IPs then it assumes that the fault is its own connection - and it takes no action.

* If any of your IPs come back online they are restored.

This effectively and safely keeps your site online - even if one of your web servers is down.

The average failure detection time is 10 minutes. This time varies depending on the speed of your site and the nature of the failure. Recovery times are faster, averaging 5 minutes.

http://dyn.com/dynect-active-failover

Dynect Active Failover

Overview:

In the event that your datacenter or server has a failure, you can remain calm knowing you have prepared yourself by using the Active Failover feature on the Dynect Platform. Using our global 24/7 network monitoring platform, we rapidly detect outages in your servers, datacenters, or network providers and re-route your traffic to available locations, ensuring that you are always up and running for your users.

How it works:

We monitor on HTTP, HTTPS, SMTP or ICMP/Ping from multiple locations on a 24/7 basis. If we detect that your primary server or datacenter has had a failure, we will immediately and seamlessly redistribute your traffic to an alternate location that you have pre-configured via rule sets on the Dynect Platform’s interface. You may also use your own internal monitoring that you can fully integrate with the Dynect Platform’s API.

Maximizing uptime:

By directing your traffic at the DNS level you have the power and flexibility to maximize uptime and be available to your customers 24/7. With automatic re-routing capabilities, your web users will never know there was an issue, because they will never experience a delay or dropped request. Many other failover products on the market sit inside your datacenters, so if your datacenter fails, your options for failover or back up will fail too.

---

The only way for this to work is for something to monitor your hosts -- and, when one fails, to change the A record in the DNS. You could maybe set up something on your own to do this - where is your DNS hosted? You could always write a script to change your DNS records if it does not answer. I would suggest you keep your TTLs LOW if you're going to do something like this - kind of pointless if your TTLs are like 24 hours or something. As you already know, if you put in multiple IPs for a specific record you're going to get round-robin action. For failover support you need something outside the DNS to change the DNS records for you.

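The monitor-and-update approach from the post above, sketched as an added example that is not code from the thread or from any DNS provider. It borrows the "take no action when nothing is reachable" rule from the quoted ZoneEdit FAQ; the addresses, threshold, TTL and the `update_dns` hook are assumptions.

```python
import socket

# Constructed example values (documentation-range addresses), not from the thread.
PRIMARY = "192.0.2.10"     # dedicated T1 line
BACKUP = "198.51.100.20"   # office cable line
TTL = 300                  # low A-record TTL in seconds
FAIL_THRESHOLD = 3         # consecutive failed checks before switching


def tcp_probe(ip, port=443, timeout=3.0):
    """Return True if a TCP connection to ip:port succeeds."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


class FailoverMonitor:
    """Decides which single IP the A record should hold."""

    def __init__(self, probe=tcp_probe, update_dns=None):
        self.probe = probe
        # update_dns(ip, ttl) is a hypothetical hook for the DNS host's API.
        self.update_dns = update_dns or (lambda ip, ttl: None)
        self.active = PRIMARY
        self.failures = 0

    def check(self):
        primary_up = self.probe(PRIMARY)
        backup_up = self.probe(BACKUP)
        if not primary_up and not backup_up:
            # Nothing reachable: likely the monitor's own link, so do nothing.
            return self.active
        self.failures = 0 if primary_up else self.failures + 1
        if primary_up:
            wanted = PRIMARY          # fail back as soon as the primary answers
        elif self.failures >= FAIL_THRESHOLD:
            wanted = BACKUP           # sustained failure, not a single blip
        else:
            wanted = self.active
        if wanted != self.active:
            self.update_dns(wanted, TTL)
            self.active = wanted
        return self.active


def worst_case_outage(interval, threshold=FAIL_THRESHOLD, ttl=TTL):
    """Seconds a client may keep resolving the dead IP after it fails."""
    return interval * threshold + ttl
```

Run `check()` on a fixed interval from a host outside both WAN links, and restrict the credentials behind `update_dns` to that one record, since anyone who can call it can repoint the site.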

BudMan, as always, has given a good insight as to how you can get round it - however I would be interested in why you need this and why Round Robin DNS is not an alternative?

No disrespect, but I doubt you are running a highly sensitive (uptime) service on your WAN connection, if you were you'd host it and have the hosting company provide said solution...

Just interested as Round Robin DNS would work for you, unless there is a specific reason, of course :)


Thanks for the input, guys. I'll look into BudMan's suggestions as soon as I get a chance. Right now our DNS is hosted with GoDaddy.

Sn00pY, the service is fairly critical as far as uptime is related (it's time entry for clients), but we're comfortable with hosting it in-house.


So are you using GoDaddy to point directly to your WAN IP?

I still am curious as to why Round Robin isn't good enough, if it's for an end user then RR is probably enough - however if it's for a management tool etc then perhaps not so much.


Yes, GoDaddy points directly to the WAN IP. RR won't work since we have two connections: 1 is a T1 dedicated to this server. The other is a cable internet connection used for the office internet access. I don't want to tie up the office's internet connection unless entirely necessary.


Godaddy did make some improvements to their DNS service a while back. I have some domains registered with them, but currently don't use their DNS service for any of them. Either pointed to hosted solutions DNS, or zoneedit. Zoneedit allows for 5 free domains I do believe - so you could host your DNS there and use their failover service for free, I do believe?? Double check that - currently not using that feature for the domains using zoneedit -- would have to check if you can use that feature for free or not?

Godaddy might offer the feature now?? But I don't believe they do - you could check with them.

Your best bet would be to move your DNS to a DNS service that provides these features - DNS services are pretty cheap! Round robin is not really something that works as a failover solution - for starters, if you don't want to use both connections to host, i.e. load balancing, there is no way around that. The upside is if you were OK with the load balancing - if one link goes down, at least 50% of the time users would be able to access it ;) heheh
