Sharing insights from those that know far me than me. <https://www.menandmice.com/resources/webinar-dns-high-availability-tools/>
In short, the solution is that the 1st IP address should never go down. This can be achieved by an DNS aware load-balancer, such as "dnsdist" or "relayd" mentionied in the webinar. I've also have good experience with the commercial A10 load-balancer. >From the view of a DNS user, the solution is: Don't use the providers DNS resolvers, run your own It's usually faster to have own DNS resolver, and it's more secure (DNSSEC validation). For single machines, "dnssec-trigger" (https://nlnetlabs.nl/projects/dnssec-trigger/) is a great solution for Windows, MacOS X or Linux (should be in the package managers repository). For larger networks (5-5000 Client machines), install one or more dedicated DNS resolver (for small deployments, a Raspberry Pi 3 is powerful enough) using Unbound, Knot-Resolver or BIND 9. For larger deployments, use real server machines for the local resolver and deploy dnsdist or relayd in an High-Availability setup in front of the resolvers. So short version is Optus had an issue¹ and for home users the above gives some options. And yes we are a local agent for Men and Mice, but they only provide one of a couple of first class options. If anyone would like to discuss off list please email me. Regards, Chris Hurley BE (Elec) Signal Manager ****************************************************** Dragon Rail Pty Ltd Phone: 1300 730 531 74 Allanfield Crescent Boronia, 3155 Victoria Australia ****************************************************** > _______________________________________________ AusNOG mailing list [email protected] http://lists.ausnog.net/mailman/listinfo/ausnog
