Join Log in
Score:0
avatar Server

A CNAME pointing to 2 different A Records set up with Primary/Secondary Failover Routing?

cn flag
Kahn

Considering records like:

host.example.com as a CNAME to:

host01.example.com and host02.example.com

(on two separate records).

I want to set up those A records to be with a Failover routing policy.

Record Name      Type  Routing  Differentiator    Route traffic to
---------------------------------------------
host.example.com CNAME Failover Primary         host01.example.com
host.example.com CNAME Failover Secondary       host02.example.com

If host01.example.com is down for whatever reason, I want requests to host.example.com to still be satisfied, but just pointing to host02.example.com. Is this the correct way to implement such a policy in Route 53? Or would there be a better solution?

137
0 + 0
Score:2
Patrick Mevzek avatar Server
cn flag
Patrick Mevzek

host.example.com as a CNAME to: host01.example.com and host02.example.com

That is not possible, as you can not have 2 CNAME records on the same name. (as you can not have a CNAME record to cohabit with any other records for that matter - except DNSSEC ones).

If host01.example.com is down for whatever reason, I want requests to host.example.com to still be satisfied, but just pointing to host02.example.com.

The DNS does not work like that. By default, it provides load balancing, not failover. You can have various partial ways by using short TTLs, dynamic DNS to change IP addresses quickly, DNS anycast, rotating IP addresses in response, or then more importantly handle the problem at the next layer where it makes sense like HTTPS or something else. All load-balancers provide fail-over mechanisms (but then you also have to find out how to have fail-over for the load-balancers themselves).

For "hard" DNS cases to handle, look at dnsdist, that you can put in front of some authoritative nameserver but which enables you far richer way to construct replies.

0 + 0
cn flag
Kahn
I see what you're saying. It seems strange that Route 53 would let me configure two CNAME records like that then and save the configuration. How would it know which to resolve to - just whichever is hit first? I wonder if this will be an issue. I think maybe it would make more sense for us to point to host01 through a cname, and just have that enabled as a failover.
0
Reply
Patrick Mevzek avatar
cn flag
Patrick Mevzek
"How would it know which to resolve to - just whichever is hit first? " You will need to ask your DNS provider. 2 `CNAME` records on a given name is clearly against the DNS specification, so if anyone does that, only it can answer how it works, or if someone knows here and write another answer. Maybe failover is the core service provided here by your DNS provider but my answer is generic, as I think it might be dangerous to rely on non standard DNS things, at the very least it would make migration to another DNS provider more complicated.
1
Reply
cn flag
Kahn
Thanks Patrick - again if anyone is reading through these comments, to reiterate: this is through Route 53.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.