I will have 2 servers in different datacenters (different countries) and I want to use DNS load-balancing mainly for High Availability of a website hosted on those 2 servers. It is just an ad tracking site, which records a hit in a local database and returns a few lines of HTML code.
I want to return 2 A records each time because of DNS pinning in browsers (if one server fails, the browser will try the second A record which it has already cached).
Both servers will also be acting as DNS servers for redundancy. Now comes my proposed solution: I will use BIND and have both servers as a master for that zone. On each server there will be a script running which will periodically test availability (http) of both servers and remove the IP from DNS in case of failure.
Now the questions :)
1) Is BIND suitable for this solution? I think BIND performance is good and it is easy to manipulate the zone file via script. And as I will modify the zone only in case of failure/maintenance, the modifications (and thus bind reloads) won't be frequent.
2) I plan to use a TTL of 5 minutes. The website will have about 1000-3000 req/s but from distinct clients (each IP only 1-3 requests), so I think the DNS load won't be too high. I suppose their ISPs will cache the responses for those 5 mins. Is there any reason to lower the TTL even more?
3) Is my master-master approach good? Or should I make one of the servers master and the other one slave? Right now each server can monitor both itself and the other one. If only the web service fails, both DNS nodes will notice it. If the whole server fails, then the remaining DNS node will notice it and the failed node will not answer DNS queries anyway.
4) Is it a big issue when one NS server does not respond to queries? If yes, I can add a third DNS, so that at any time at least 2 of them would accept queries...
5) Should I rewrite the zone file via script, or just use dynamic DNS update (for example via the nsupdate utility)?
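One way to realise the health-check script described in the question, as an added example (not code from the asker or from BIND): it probes each server over HTTP and feeds a dynamic update batch to nsupdate. The zone, hostname, addresses and TSIG key path are assumptions, and the zone is assumed to have `allow-update` configured for that key. It also keeps every A record when no server passes the check, since deleting all of them would leave the name unresolvable.

```shell
#!/bin/sh
# Added example: HTTP health check driving nsupdate. All names below are assumed.
ZONE="example.com."
HOST="www.example.com."
TTL=300
SERVERS="192.0.2.10 198.51.100.20"   # constructed addresses (RFC 5737 ranges)
KEYFILE="/etc/bind/ddns.key"          # assumed TSIG key file for the zone

# Probe one server over HTTP; exit status 0 means healthy.
# -f makes HTTP 4xx/5xx count as failure, --max-time bounds a hung server.
probe() {
    curl -sf -o /dev/null --max-time 5 "http://$1/"
}

# Given a space-separated list of "ip:status" pairs (status 0 = healthy),
# print the nsupdate batch on stdout. If no server is healthy, every record
# is kept: removing all A records would make the name unresolvable.
build_update() {
    healthy=""; failed=""
    for pair in $1; do
        ip=${pair%:*}; st=${pair#*:}
        if [ "$st" -eq 0 ]; then healthy="$healthy $ip"; else failed="$failed $ip"; fi
    done
    if [ -z "$healthy" ]; then
        healthy="$failed"; failed=""
    fi
    echo "server 127.0.0.1"
    echo "zone $ZONE"
    # Delete A records of failed servers, (re)add those of healthy ones.
    # Adding an RR that already exists is a no-op, so this is safe to repeat.
    for ip in $failed; do echo "update delete $HOST A $ip"; done
    for ip in $healthy; do echo "update add $HOST $TTL A $ip"; done
    echo "send"
}

# One check cycle: probe every server, build the batch, hand it to nsupdate.
# Run this from cron or a loop with a sleep shorter than the TTL.
run_once() {
    results=""
    for ip in $SERVERS; do
        if probe "$ip"; then results="$results $ip:0"; else results="$results $ip:1"; fi
    done
    build_update "$results" | nsupdate -k "$KEYFILE"
}
```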
1) yes, Bind is one of the options. But beware of its awful bug and flaws history.
2) you can use whatever TTL, but why would you want to lower it below 5 minutes? And why 5 minutes instead of 10, or 30, or 120, etc.? Define your goal, then just use the required value.
3) it's a bad idea to let a DNS stop responding to queries if a webserver is unreachable. You'd better redirect to an error page... or just do nothing, which is the standard behaviour.
4) if you have more than one DNS, then if one fails, the client tries another in the list. Most clients are ISP DNS servers and they are nicely configured, so don't worry. This is another story if this is a Windows client doing direct queries, but this is only the case with DNS internal to a company, for example.
5) why would you rewrite the zone file? It has to be done rarely, so just use your favorite editor. If this is to change the zone file during a webserver outage, do as you prefer, but nsupdate may not be the best approach (not the best, but it works). Just rewrite the zone file and ask Bind to reread it.