CloudfloorDNS Blog

12-13-2021 – What is DNS Failover?

By: Eric McIntyre, CloudFloorDNS

What is DNS Failover?

DNS Failover is a cloud-based service that leverages remote monitoring coupled with Anycast DNS services. It’s designed to add uptime and prevent outages by failing over a hostname to a backup IP or CNAME.

Failover is powered by two separate services: server or application monitoring, and a DNS platform. The DNS records must have a low TTL so the platform can handle automatic DNS failover based on the intelligent monitoring decisions.

Failover is accomplished by multiple monitoring points using different networks in various geographical locations. The monitoring must have intelligent decision-making to prevent false positives, or failover could happen when it isn’t needed.

Failover is initiated when the monitoring “brain” determines that more than one of the monitoring agents can’t reach the IP or hostname being monitored. This kicks off the failover rules and DNS will automatically change the CNAME or IP address to the backup address.

The DNS service within DNS failover should be fast and reliable and should offer a very low TTL (also known as DNS cache time). The TTL should be set at half of the time of the test interval. For example, if we are testing a web server every 1 minute, the DNS for the www.example.com record should be set to a 30-second TTL. This means recursive servers around the globe perform a fresh lookup on the www record every 30 seconds.

When the monitoring endpoints detect a “down” host, our Netmon monitoring platform collects all location reports, and if more than 3 are down we action the ruleset for that failover test. In this HTTP web server example, we will move the DNS record for www.example.com to the backup IP address set in the rules.

How DNS Failover works – step by step

  1. Set up your DNS on a provider that offers DNS Failover – Move DNS to the CloudFloorDNS Anycast DNS platform, which offers a low TTL option for DNS failover. If you stay at a provider such as GoDaddy, or another basic DNS provider, you would only be able to use CNAME Failover options and CNAME your DNS to CloudFloorDNS.
  2. Determine what needs to be monitored – i.e. what pain point do you want to solve? Is the issue with your ISP going down, or a server going down? This determines what you want to monitor and what protocol to use.
  3. Determine what service you want to failover – If it’s a web server, you would want to failover the www subdomain and possibly the root domain, and decide what IP address or CNAME is the backup.
  4. Begin monitoring the target – Start monitoring from 3 or more locations globally, ensure all monitors are actively monitoring, and confirm they determine the target is UP.
  5. Set up notifications – Set notifications up to send emails to your team. Set up DNS Failover rules for when the monitor fails. This ruleset tells the DNS what hostname and what backup CNAME / IP to move to on failure. You can select just one hostname or multiple hostnames/backup IPs.
  6. Failover or Fail-Back? Determine if your failover should Failover and Fail-back when the primary comes up, or Failover-StayOver, where it will failover but you will have to manually fail-back.
  7. Set it and forget it – DNS Failover will notify you when your target fails and will instantly failover your selected hosts to backup IP/CNAME. If you have Fail-Back set – it’ll notify you and failback to the primary IP/CNAME
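
The decision logic described above (reports from several locations, the "more than 3 down" trigger, the half-interval TTL, and the Fail-back versus Failover-StayOver choice), as an added example that is not CloudFloorDNS code. The location names, the documentation-range addresses, and the rule that fail-back waits until every location sees the primary up are assumptions.

```python
from dataclasses import dataclass

@dataclass
class FailoverRule:
    hostname: str
    primary: str
    backup: str
    down_threshold: int = 3   # act only when MORE than this many locations report down
    fail_back: bool = True    # False models "Failover-StayOver" (manual fail-back)

def recommended_ttl(test_interval_s: int) -> int:
    """TTL set to half the monitoring interval, per the article's rule."""
    return max(1, test_interval_s // 2)

def next_answer(rule: FailoverRule, current: str, reports: dict) -> str:
    """Return the address DNS should serve after one monitoring round.

    reports maps location name -> True if that location reached the primary.
    """
    down = sum(1 for up in reports.values() if not up)
    if down > rule.down_threshold:
        return rule.backup      # enough locations agree: fail over
    if current == rule.backup and rule.fail_back and down == 0:
        return rule.primary     # assumption: fail back only when all locations see it up
    return current              # isolated failures are treated as false positives

def simulate(rule: FailoverRule, rounds: list) -> list:
    """Run successive monitoring rounds; return the address served after each."""
    current, served = rule.primary, []
    for reports in rounds:
        current = next_answer(rule, current, reports)
        served.append(current)
    return served

# Constructed sample data: 7 monitoring locations with hypothetical names.
LOCATIONS = ["nyc", "lon", "fra", "sin", "syd", "sfo", "gru"]

def round_with_down(*down: str) -> dict:
    return {loc: loc not in down for loc in LOCATIONS}

ROUNDS = [
    round_with_down(),                            # all locations reach the primary
    round_with_down("sin"),                       # one location has a local network problem
    round_with_down("nyc", "lon", "fra", "sin"),  # 4 down, which is more than 3
    round_with_down("nyc"),                       # primary partially reachable again
    round_with_down(),                            # fully recovered
]

if __name__ == "__main__":
    rule = FailoverRule("www.example.com", "192.0.2.10", "198.51.100.10")
    print("TTL for a 60 s test interval:", recommended_ttl(60))
    print(simulate(rule, ROUNDS))
```

Setting `fail_back=False` on the rule keeps the backup address in place after recovery, which is the Failover-StayOver behaviour from step 6.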

Figure 1 – How DNS Failover works in conjunction with Server Monitoring

Can DNS Failover help your online business?

Most likely it can! Below are a few use case scenarios to help you determine if DNS failover can help your servers & applications run faster, stay up and provide more uptime for your online business. If you are still running your online business on a DNS without any uptime SLA, it’s highly suggested you move immediately to a reputable DNS provider that offers a 100% uptime SLA.

ISP Failover for Two Internet Connections

In the example of ISP Failover, you can apply the same monitoring platform, but you should set ICMP/PING as the protocol and ping the gateway of the primary ISP every 1 minute. When the primary ISP goes down, CloudFloorDNS will activate the failover ruleset and instantly move all your selected subdomains for your on-premise servers & apps to the backup ISP. There is no difference in price if you move one subdomain or multiple. For example, you can move VPN, WWW, FTP and OWA all with one failover test, or just WWW.

GSLB Failover with GEO Load Balancing

Many global organizations with multiple locations have many different VPN nodes for their employees to get on the network. For example, there could be three in the US, one in the UK, and two more in EU and APAC respectively. To make it easy, the company provides a single domain, VPN.EXAMPLE.COM, to their employees. CloudFloorDNS can geographically load balance and failover the 3 locations should one go down or become unavailable. Using GEO DNS, CloudFloorDNS can detect end-user location and provide the DNS answer for the closest VPN in their region. Offering this type of service provides greater uptime, drastically lowers latency and will make their connection faster. When they travel, it’ll send them to the nearest VPN geographically. If one or multiple VPN nodes go down, DNS failover can remove the failed node(s) from the VPN load balancing group and add them back in when they come back up.

VOIP Failover for VOIP

VOIP Failover can do all the above, although it’s specifically designed to monitor the SIP OPTIONS protocol. It adds a high availability option for disaster recovery by having a second backup VOIP server in another geographic location. The servers can be load balanced or the primary can be monitored and upon failure, move the SIP.Example.com hostname to the backup SIP server

About the CloudFloorDNS Netmon Monitoring Platform

The CloudFloorDNS Netmon Monitoring platform has 7 global locations with over 20 methods to select when setting up your failover test. If you are monitoring a web server, you would select http/https protocol. When monitoring an ISP connection, you would use ICMP/PING protocol. Other methods include TCP/UDP, SIP, FTP, SSH and others

DNS Failover is an easy way to add more uptime to any of your online services, and best of all it’s low cost, coming in at around $50 per month, and that includes Anycast DNS.

Learn more about our CloudFloorDNS DNS Failover solutions or contact us to get a quote