Some situations require a remote name server to act as authority so certain records are available in case of a site outage (remotely hosted web sites or mail services, for example). However, these servers do not share the Ecessa's capability to monitor WAN lines and update DNS records to reflect availability so this article will address different methods for achieving the desired results.
CNAMEs
CNAME records can be created to redirect users to the Ecessa to receive the available IP addresses for particular services. The following diagram shows an example of this type of configuration:
In this above example, a user trying to connect to www.example.com would be redirected to www.example.net which in turn resolves to the available WAN IP addresses on the Ecessa device. This will allow the Ecessa to monitor and update example.net while example.com receives the same benefits. If the Ecessa's site was down, most of the records would fail except for mail as the MX record redirects users elsewhere.
Here is a diagram illustrating the steps for DNS resolution using the CNAME method:
Please note that the CNAME method does not require separate domain names. In fact, the Ecessa device may be configured with a subdomain instead. The server acting as an authority for the parent zone will need to delegate control of the subdomain to the Ecessa device. The diagram below shows an example of this type of configuration:
The DNS resolution process would be the same as the previous method.
Master / Slave
Another method is setting the authoritative name server to act as a slave server while the Ecessa behaves as the master. The following diagram shows this type of configuration. Both the Ecessa and the remote name server are listed as authorities for the domain:
On the Ecessa device, ensure all the name servers are listed and zone transfers are enabled:
If it is desired so the Ecessa is not listed as an authority for the domain, please read the article How do I setup stealth DNS on an Ecessa device?
0 Comments