Friday, January 14, 2011

Anycast DNS setup using Linux and Cisco routers.

Cisco Router Configuration:

ip sla 101
 dns anycast.example.com name-server 10.10.10.1
 frequency 30
ip sla schedule 101 life forever start-time now
!
track 101 ip sla 101
!
ip route 10.0.0.1 255.255.255.255 10.10.10.1 track 101




Here is the IP route on the router:

router# show ip route 10.0.0.1
Routing entry for 10.0.0.1/32
Known via "static", distance 1, metric 0
Redistributing via eigrp 1234
Advertised by eigrp 1234 route-map STATIC-TO-EIGRP
bgp 1234
Routing Descriptor Blocks:
* 10.10.10.1
Route metric is 0, traffic share count is 1




Then you can see that this same address is also available from multiple locations:


router# show ip eigrp topology 10.0.0.1/32
EIGRP-IPv4 Topology Entry for AS(1234)/ID(10.9.9.1) for 10.0.0.1/32
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 2562560
Descriptor Blocks:
10.10.10.1, from Rstatic, Send flag is 0x0
...
10.8.8.1 (Vlan20), from 10.6.6.1, Send flag is 0x0
...
10.7.7.1 (Vlan30), from 10.4.4.1, Send flag is 0x0



On the Unix server I have the following network interfaces set up:

eth0 Link encap:Ethernet HWaddr 00:15:17:A6:25:97
inet addr:10.10.10.1 Bcast:10.10.10.255 Mask:255.255.255.0

lo:1 Link encap:Local Loopback
inet addr:10.0.0.1 Mask:255.255.255.255



To summarize the whole setup:

1) The router does a DNS query to the DNS server that is directly connected to it every 30 seconds.
2) If the DNS query succeeds, the static route stays in the table.
3) If the test fails, the route is withdrawn.

1) If a DNS query is sent to 10.0.0.1 the router will process this by sending the query to the IP address the static route points to.
2) The DNS server accepts the query on the management interface, then passes it to the lo:1 interface for processing.
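
The router's probe targets the server's eth0 address (10.10.10.1), so on its own it does not show whether the anycast address on lo:1 (10.0.0.1) is answering. The Python check below is an added example, not part of the original post or of IOS: run from a host near the server, it queries both addresses and flags the case where the tracked route stays up while 10.0.0.1 does not answer. The function names and the reply-validation rules are assumptions of this example.

```python
import os
import socket
import struct

def build_query(name, txid):
    """Wire-format DNS query: A record, class IN, recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def response_ok(query, response):
    """Stricter than 'something came back': the ID must match the query,
    QR must be set, RCODE must be NOERROR and there must be an answer."""
    if len(response) < 12:
        return False
    txid, flags, _qdcount, ancount = struct.unpack("!HHHH", response[:8])
    return (txid == struct.unpack("!H", query[:2])[0]
            and bool(flags & 0x8000)
            and (flags & 0x000F) == 0
            and ancount > 0)

def probe(server, name="anycast.example.com", timeout=2.0):
    """One UDP/53 query. Fails on timeout, on a bad reply, or when the reply
    comes from a different source address than the one queried (a daemon
    answering anycast queries from its eth0 address is ignored by resolvers)."""
    query = build_query(name, int.from_bytes(os.urandom(2), "big"))
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(query, (server, 53))
            data, peer = sock.recvfrom(4096)
        except OSError:
            return False
    return peer[0] == server and response_ok(query, data)

def classify(unicast_ok, anycast_ok):
    """Map the two probe results onto what the router's track object does."""
    if not unicast_ok:
        return "unicast probe fails: tracked route is withdrawn"
    if not anycast_ok:
        return "BLACKHOLE: route stays up but the anycast address does not answer"
    return "healthy"

if __name__ == "__main__":
    # Addresses are the ones used in the post.
    print(classify(probe("10.10.10.1"), probe("10.0.0.1")))
```

A "BLACKHOLE" result means the DNS daemon is reachable on eth0 but is not listening on, or not replying from, 10.0.0.1, so the router keeps attracting queries that will go unanswered.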


Depending on where you are, you are automatically routed to the closest server:

jemurray@pluto:~$ traceroute 10.0.0.1
traceroute to 10.0.0.1 (10.0.0.1), 30 hops max, 60 byte packets
1 l3-core-vl7.nts.example.com (10.50.1.46) 0.309 ms 0.338 ms 0.381 ms
2 anycast.ip.example.com (10.0.0.1) 0.202 ms 0.195 ms 0.180 ms


jemurray@paddington:~$ sudo traceroute 10.0.0.1
traceroute to 10.0.0.1 (10.0.0.1), 64 hops max, 52 byte packets
1 nts-desk120-brook.nts.example.com (10.50.120.125) 0 ms 0 ms 0 ms
2 anycast.ip.example.com (10.0.0.1) 0 ms 0 ms 0 ms



The best things about this setup are:

1) If a server fails, you automatically fail over to the next closest server. This way the client does not have to deal with DNS timeouts.
2) Depending on your location, you are automatically routed to the closest server. This helps with DNS response time.
3) It is not that hard to set up.
4) Nothing special is needed on either the router or the server.

5 comments:

  1. This is really cool, but I wonder if it would make things a little bit more obvious if you could number your eth0 address like 192.168.x.x, so it is more easily seen where the real server address is and the virtual address is.

    It's an example after all.

    thanks
    H

  2. Is there a particular reason you used the loopback interface for the anycast IP as opposed to a subinterface like eth0:0?

  3. If you multi-home your server, you want your most stable interface to be the anycast interface. This way if you have a single network uplink fail your anycast interface will stay up. It also keeps the routing table more stable.

  4. These types of routers have superior capabilities than the customary wireless network router. Although typically more costly than other routers, it is considered a healthy investment to purchase such type.

  5. In the wake of perusing this, only one thing to state. Out of this world.
    Mike Wallace
