G. Pape

tinydyndns - failover

Prepare failover for tinydyndns DNS service
Prepare failover for tinydyndns POP service

How to switch services to the failover machine

What can make the tinydyndns service fail?

  1. The nameserver handling the delegation to the tinydyndns domain is unavailable
  2. The nameserver running the tinydyndns service is unavailable
  3. The POP server handling the POP service for tinydyndns is unavailable (normally the same server as in 2.)

How can I provide failover services in these cases?

  1. Make sure you have multiple nameservers providing the delegation to the tinydyndns domain. Refer to the djbdns documentation on how to replicate your DNS service. To provide failover for your tinydyndns services, you need to have control over the servers handling the delegation.
  2. tinydyndns doesn't support automatic replication of its dynamic DNS data, so the tinydyndns domain cannot be handled by multiple servers simultaneously. But you can prepare one or more additional machines to handle the tinydyndns services in case the primary machine is unavailable, see below.
  3. To be able to switch over the POP service to another machine in case the primary machine is unavailable, you need to replicate the POP password database for the dynamic hosts whenever it changes, so that the failover machine knows about all dynamic host names that are handled by this tinydyndns service. See below on how to do this.

How to prepare a failover service for dynamic DNS data

Simply configure tinydyndns on the machine that should take over the tinydyndns and POP service in case the primary server is unavailable. Of course configure tinydyndns to handle the same domain name as the primary tinydyndns server, on an IP address of this failover server.

Adjust the TTL (time to live) of the delegation to the tinydyndns domain to your need (say four hours). This is the worst case downtime of the tinydyndns service in case the primary tinydyndns server gets unavailable, and after the administrator takes action. Switching over the services currently needs manual intervention.

How to automatically replicate the POP password database

The tinydyndns password database is changed by the ./setpasswd script only. To have the database replicated automatically when setpasswd is run, add a line that copies or syncs the passwd file to the failover machine to the end of the setpasswd script (remove the last line ``exit 0'' first).

E.g.: A primary tinydyndns service runs on a.ns.dyn.smarden.org. The failover service is prepared on a server with the IP address a.b.c.d. Add this line to /service/tinydyndns-pop/setpasswd on a.ns.dyn.smarden.org:

 # cd /service/tinydyn-pop/
 # cat >>setpasswd <<EOT
 rsync -e ssh passwd a.b.c.d:/service/tinydyn-pop/passwd

How do I switch services to the failover machine

First rebuild the data.cdb from the current passwd database on the failover machine:
 # cd /service/tinydyn/root
 # make rebuild
Now change the delegation on all available DNS servers that handle the delegation to your tinydyndns domain to delegate the domain to the IP address of the failover machine is running tinydyndns on.

That's it. Within the next four hours (or whatever you've set as TTL), clients that try to update there dynamic DNS entry, and clients that ask for dynamic IP addresses of hosts in your tinydyndns domain, will switch to contact your failover machine.

Gerrit Pape <pape@smarden.org>