[Pdns-users] Multiple database servers

Norbert Sendetzky norbert at linuxnetworks.de
Mon Mar 7 10:42:55 UTC 2005

On Sunday 06 March 2005 14:16, bert hubert wrote:
> On Sun, Mar 06, 2005 at 01:34:58PM +0100, Lorens Kockum wrote:
> > > I would like to have pdns try another slave if one of the slaves goes
> > > down. Any insight would be appreciated.
> >
> > I wouldn't try to set up something unusual inside PDNS.

That's not unusual and I've implemented failover in the ldapbackend a while 
ago and it works very well.

> Historically, I've not wanted to do this, and for good reason. What
> constitutes 'down'? We typically have three situations:
>  1) database is really down
>   a) machine is off
>   b) connection refused on the TCP port
>  2) database does allow connection, but does not generate answers
>   a) wrong password
>   b) server out of memory etc etc

These conditions all have one in common (perhaps 2b only if the condition 
occurs while connecting): The connection fails!
Therefore, implementing a failover in this situation is very easy. The 
ldapbackend for example gets a list of servers from the configuration file 
and it tries to connect to these servers in the specified order until a 
connection was successfully established. If an existing connection fails, an 
exception is thrown in order to recreate the backend thread so it can connect 
to another server.

>   c) database corrupted
>  3) database works fine, but has no data, in other words, somebody
>     deleted our zones/records

Contrary to the former, I would not try to handle these situations in the 
backend code. They are definitively a job for a monitoring tool.

> These three situations are hard to detect. How often does a server fail
> cleanly, which is only situation 1b and possibly 1a (the timeouts can hurt
> in a big way).

Waiting for the timeouts only occurs once when trying to connect and not by 
every query and are thus neglectable.

> Our current suggested solution is to monitor the availability of your
> databases with available tools (nagios etc), and in case one goes down,
> rewrite the pdns configuration, and restart it. Alternatively, rewrite
> /etc/hosts and restart powerdns.

That's neither an easy nor an elegant solution and more error-prone. 
Personally I wouldn't recommend doing it this way because it would only be a 
workaround for something the pdns backend code should do.

> If we do it the other way, PowerDNS morphs into an uptime monitor, and
> those are available already.

Handling "unable to connect" situations doesn't makes a monitoring tool out of 
pdns ;-)

OpenPGP public key

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20050307/0c7b47a1/attachment-0001.sig>

More information about the Pdns-users mailing list