After losing access to my server during a prolonged DDOS attack on my providers network, I am looking for a way to make my ISPConfig based hosting service more robust. I'm thinking about having a second server with a different provider at a different physical location and setting it up as a mirror of my current server. I know that there is an existing tutorial here for setting up a mirrored cluster but it says that it's a "proof of concept" so I'm not that keen on using it for a production service. Here are the questions... 1. Has anyone used this tutorial and found it to work OK? Is there a better way to create a redundant ISPConfig setup across 2 separate data centers? 2. If I do set up a mirror and run DNS on both, could I point the records on server 1 to the IP address of server 1 and the records on server 2 to the IP address of server 2? In my tiny brain I'm thinking that I can set up ns1.mydomain.com and ns2.mydomain.com so that if server 1 is down or unrechable, server 2 will start answering the DNS queries. I know there will be a caching lag but it's better than being offline for 3 days! 3. Will server 2 act as a secondary MX for email if server 1 is offline? I would also be interested to hear if anyone else runs a physically diverse setup and how you do it.
DNS: Why not just run dns1 on DC1 and dns2 on DC2? (dns2 is mirror of dns1) Mail: create two mail-server (2 is mirror of 1), create two MX-Records and use dsync from Dovecot to keep the mailbase in sync. Web: create two servers and use unison to sync the file + mysql master-master for the databases. You can follow https://www.howtoforge.com/installi...tabase-cluster-on-debian-6.0-with-ispconfig-3 to get an idea how this could work.
Thanks Florian. I didn't find the Debian 6 tutorial. It looks good. I plan to run the DNS servers like you suggest but as I understand it, if DNS1 is offline (say due to a hardware failure) then DNS2 will still be serving records that point to server 1 which will be offline. Or does ISPConfig know that server 1 is unreachable and automatically start point requests to itself?
Both DNS must have the same data. If you use a low TTL for IP-Web1 and IP-Web2 your server will return different ips (dns round robin). If you want to remove the IPs from server2 from the dns, you can either use a script, that: uses the remote-api and remove the records or comments some lines in the pri-file and reloads bind (you should run this on all servers and it´s very quick and diry - but it works) i did not mirror the interface to two servers. I just run mutliple dns, web, db and mail-servers. you can do this with round-robin in your dns or with something like haproxy. i don´t think, that will you find a cheap and working solution, to share anything between multiple DCs and switch to server2 or "remove" server 1 in case of failure. I tried a automatic failover-ip a while ago but this was quite a nightmare...
Yes, I agree that an automatic failover IP would be trouble. I'll have a go at setting them up on a few new servers and see what happens. Expect more questions soon! Thanks for the help Florian.
@mattltm I can identify with 3 days downtime. I have been testing a master -master mirror setup across two datacenters. It is working pretty well. Database replication is working great and file replication with Unison is also works fine. @Florian thanks for the tip about dovecot dsync. I was having some issues with email. My dns set up is Code: A mail 111.111.111.111 0 3600 A mail 222.222.222.222 0 3600 A domain.com. 111.111.111.111 0 3600 A domain.com. 222.222.222.222 0 3600 CNAME www domain.com. 0 3600 MX domain.com. server1.server.com. 10 3600 MX domain.com. server2.server.com. 20 3600 NS domain.com. server1.server.com. 0 3600 NS domain.com. server2.server.com. 0 3600 TXT domain.com. v=spf1 mx ip4:111.111.111.111/32 ip4:222.222.222.222/32 ~all 0 86400 In this setup mail.domain.com is used as the smtp/pop server for their mail clients. Having the two A records for the domain seem to work. Most of the time the first Ip is what is selected by browsers. When the first server is down, the browser does pick up the second ip. Still testing to see who it works on different browsers. I will test with different TTLs to see how that works as well