[RndTbl] programatically determine if DNS is down or blocked?
Theodore Baschak
theodore at ciscodude.net
Fri Apr 8 10:47:13 CDT 2016
On Thu, Apr 7, 2016 at 11:49 PM, Trevor Cordes <trevor at tecnopolis.ca> wrote:
> On 2016-04-07 Adam Thompson wrote:
> > Trevor, why don't you just pay $5/month for a VPS somewhere out on
> > the 'net (in Canada, even!) with static IP addresses and use that as
> > your central coordination point? If it's still just the principle of
> > the thing, well, keep flogging away at it.
>
> This isn't that thing (and any other "things" I may have had are
> already on static IP). The issue here is the mitigation of a problem I
> had a couple of months ago where a Major US Hosting Provider I have an
> app on decided to block my DNS. App went completely mental and crashed
> nearly everything.
>
> Investigating the code paths it is very clear I need to do some
> delicate things with the results of DNS queries. To do this reliably I
> need to know that DNS is working. That means if Hosting Provider
> blocks me, I want to stop doing delicate things. If my own named dies
> (now that I don't rely on said hosting provider's DNS server), I want to
> stop doing delicate things.
>
> It's funny, but not much discussion of this out on the net... I guess
> no one else needs a reliable way to tell if DNS is "working". And if
> they do, they're coming up with proprietary solutions (as I am, it
> seems). Granted, the app in question is doing some stuff that not many
> others are doing...
>
> I have some good ideas now, mostly just an aggregation of a bunch of
> mini tests I can run whenever a lookup fails. Then, if the tests fail
> (i.e. DNS is "down") I can just "pause" my app until situation is
> resolved. Add in some time-caching so as to not waste too many cycles
> on this, and voila, I should be able to better survive any of myriad
> possible DNS issues... In theory. I didn't want to code it myself, but
> looks like I'll have to.
>
Have you looked at running multiple recursive resolvers on your system and
using a load balancer to always hit a live one?
http://dnsdist.org/
Theo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.muug.mb.ca/pipermail/roundtable/attachments/20160408/e3246f84/attachment-0001.html>
More information about the Roundtable
mailing list