Multiple subnet prioritization

Issues related to configuring your network
JoeLemaire
Posts: 20
Joined: 2011/08/18 12:51:57

Multiple subnet prioritization

Post by JoeLemaire » 2016/07/10 03:59:13

Hello,

We have 2 sites (Prod and DR) with multiple subnets at each. We host websites at both, with reverse proxies in the DMZ and web servers on internal networks. We also replicate the reverse proxy configs between the two sites to ensure the hosted websites work the same at both locations. This means that the RP configs have to be 'generic' so that they work at both sites. In testing, we decided to do this with DNS, creating 'generic' DNS records that resolve to all web servers at each site, using subnet prioritization.

However, CentOS doesn't seem to work the way I thought it would. It looks like it will do subnet prioritization when the server querying the record is in the same subnet that the returned results are in, but not when they are in other networks the server is not in.

Is there a way to configure a CentOS box to have subnet prioritization for networks it doesn't live on?

Thanks in advance,

Joe

jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Multiple subnet prioritization

Post by jlehtone » 2016/07/10 10:57:34

I'm not sure what you mean by prioritization, but BIND can definitely serve different names to different subnets, including localhost.

WhatsHisName
Posts: 1549
Joined: 2005/12/19 20:21:43
Location: /earth/usa/nj

Re: Multiple subnet prioritization

Post by WhatsHisName » 2016/07/10 22:35:18

BIND view statements should do what you need.

These are commonly used for "internal" and "external" views, but how you use them is up to your imagination. In your case, BIND would serve different zone files based on the requesting IP.

BIND view examples

forumitu
Posts: 118
Joined: 2014/02/20 14:30:51

Re: Multiple subnet prioritization

Post by forumitu » 2016/07/11 09:38:41

Please explain to us what you mean by "subnet prioritization". Depending on the address of the DNS client:
  1. receive a different answer
  2. receive the same answer but in a different record order
  3. or something else?

For point 1, split DNS is the answer (implemented with views, or separate DNS servers).
For point 2, the "sortlist" feature is the answer (using BIND; I do not know how other DNS servers implement this).

JoeLemaire
Posts: 20
Joined: 2011/08/18 12:51:57

Re: Multiple subnet prioritization

Post by JoeLemaire » 2016/08/15 20:52:41

All,

First off, thanks for your responses. I'm sorry I never really got back to this, but I just barely figured out what I needed.

Your replies led me down the path I needed. One key piece of info (that I now realize) I forgot to give was that our DNS servers are Windows DNS servers, not Linux. I believe the replies referring to using BIND views are correct when using BIND as your DNS server. However, as I'm using Windows DNS servers, that means the answer to what I needed is described here: https://support.microsoft.com/en-us/kb/842197

Making this change across all of my DNS servers made it so that DNS Subnet Prioritization worked based on the class B subnet instead of the default class C. As my sites are divided up by class B (i.e. Site 1 = 10.10.x.x and site 2 is 172.15.x.x), this means that the DNS servers will respond to clients within that site with the correct corresponding A record.

Sorry if I wasn't too clear in my original post. Thanks again!
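
The behaviour discussed in this thread, as an added example that is not part of any post: a simplified Python model of netmask ordering (not Windows DNS's or BIND's own code), using the thread's 10.10.x.x and 172.15.x.x site ranges with constructed host addresses. It shows why a /24 comparison only reorders answers for clients on a web server's own subnet, while a /16 comparison covers the whole site.

```python
import ipaddress


def prioritize(client_ip, records, prefix_len):
    """Model of netmask ordering: A records in the client's network
    (client address masked to prefix_len bits) are moved to the front.
    Order inside each group is preserved. Simplified assumption, not
    the DNS server's real algorithm (no round robin, IPv4 only)."""
    client_net = ipaddress.ip_network(f"{client_ip}/{prefix_len}", strict=False)
    local = [r for r in records if ipaddress.ip_address(r) in client_net]
    remote = [r for r in records if ipaddress.ip_address(r) not in client_net]
    return local + remote


def is_site_local_first(client_ip, records, prefix_len, site_prefix_len=16):
    """True if the first answer is in the client's own site, where a
    site is assumed to be one /16 as in the thread."""
    site = ipaddress.ip_network(f"{client_ip}/{site_prefix_len}", strict=False)
    first = prioritize(client_ip, records, prefix_len)[0]
    return ipaddress.ip_address(first) in site


# Constructed sample data: one 'generic' name with a web server per site.
# The DR address is stored first to show when reordering really happens.
RECORDS = ["172.15.20.11", "10.10.20.11"]
PROD_PROXY = "10.10.5.20"      # DMZ reverse proxy, Prod (constructed)
DR_PROXY = "172.15.5.20"       # DMZ reverse proxy, DR (constructed)
PROD_SAME_SUBNET = "10.10.20.50"  # host on the web server's own /24

if __name__ == "__main__":
    for label, client in [("Prod proxy", PROD_PROXY),
                          ("DR proxy", DR_PROXY),
                          ("Prod host on web subnet", PROD_SAME_SUBNET)]:
        for bits in (24, 16):
            answer = prioritize(client, RECORDS, bits)
            ok = is_site_local_first(client, RECORDS, bits)
            print(f"{label:24} /{bits}: {answer} site-local first: {ok}")
```

With a /24 comparison the Prod proxy gets the stored order back unchanged, so a proxy in the DMZ can be sent to the other site's web server; this is the cross-site path to check for in firewall rules and proxy logs before relying on the generic records.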
