DNS A Record to an IP range?

  • Question

  • I work for a school district and we have a website that is hosted off-site by a 3rd party.  Our internal domain name and the website share the same name, so we have an A record of "www." which points to the external website's IP address so we can resolve to the external site from within our school.

    Due to the nature of our host, our website is not on a static IP address, but rather the site can be accessed throughout a range of IP addresses for the sake of load balancing and redundancy.  If I go to the school's website from home, or from my phone, it will resolve to any number of IPs within a range.  But, because we have a single A record with a single IP address on our DNS server, everyone inside the network only resolves to a single IP address.

    Normally this is perfectly fine and has worked without issue for years, but on Monday the IP address we use went down for some reason.  I was able to hop on my phone, get a different IP address and update the A record... but we obviously don't want this issue to repeat itself again as the website is crucial to several of our teachers.

    Is there some way to make a dynamic A Record that will either update the external IP address if the site becomes unreachable?  Or give an A record a range of IP addresses so if one goes down then we can get to it another way?

    If it matters, the server we are running is 2012r2, and it is fully updated

    Wednesday, November 16, 2016 2:51 PM

All replies

  • What you want to configure internally is called DNS round robin. That is what provides the multiple IP addresses when you resolve the name externally.

    The good news is that it's easy to configure. Just create multiple host (A) records with the correct name and give each of them a different IP address that the web site is accessible through.

    So, something like:

    • www resolves to IP1
    • www resolves to IP2
    • www resolves to IP3

    When clients query DNS they will be given the whole list of addresses. The client is then responsible for selecting the address to connect to. Most of the time clients are smart enough to fail over to another IP address in the list if the first one stops responding.


    Byron Wright (http://byronwright.blogspot.ca)

    Wednesday, November 16, 2016 5:43 PM
  • Sounds great! I will give that a try tonight and see if it works right
    Wednesday, November 16, 2016 6:58 PM
  • When clients query DNS they will be given the whole list of addresses. The client is then responsible for selecting the address to connect to. Most of the time clients are smart enough to fail over to another IP address in the list if the first one stops responding.


    Hi Byron Wright,

    Thanks for joining in this topic.

    Something in addition to yours: DNS round robin will return the full list of DNS records when a client queries for that FQDN, while the order of the list will change every time. Clients will always select the first IP address to visit. DNS round robin is mostly used for load balancing.

    For example, DNS entries:

    www.test.com A 10.10.10.11;

    www.test.com A 10.10.10.12;

    www.test.com A 192.168.1.13;

    First time, the client at 20.20.20.22 queries for www.test.com; it will get the list in the order 10.10.10.11; 10.10.10.12; 192.168.1.13, then it selects the first IP address, 10.10.10.11.

    Second time, the client at 20.20.20.22 queries for www.test.com; it will get the list in the order 10.10.10.12; 192.168.1.13; 10.10.10.11, then it selects the first IP address, 10.10.10.12.

    Third time, the client at 20.20.20.22 queries for www.test.com; it will get the list in the order 192.168.1.13; 10.10.10.11; 10.10.10.12, then it selects the first IP address, 192.168.1.13.

    In one time, if the first IP address is inaccessible, it won't turn to the second IP address; that may occur at the second query time.

    If clients in the 192.168.2.0/24 subnet want to visit www.test.com, and we enabled netmask ordering on the DNS server, then they will always get the list in the order 192.168.1.13; 10.10.10.11; 10.10.10.12, and always visit IP address 192.168.1.13.

    Feel free to point out if there is anything incorrect.

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Thursday, November 17, 2016 9:06 AM
    Moderator
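
The round-robin setup described in the two replies above, as an added example that is not part of the original thread: it publishes several A records for `www`, shows the server's round-robin and netmask-ordering settings, and checks which addresses actually answer. The zone name, the 203.0.113.x addresses, the 5-minute TTL and port 443 are constructed placeholders and assumptions; run it on the DNS server itself.

```powershell
# Added example. Zone name and addresses are constructed placeholders
# (203.0.113.0/24 is a documentation range); substitute the host's real values.
Import-Module DnsServer

$zone  = 'school.example'          # placeholder: internal zone sharing the site's name
$name  = 'www'
$ttl   = New-TimeSpan -Minutes 5   # assumption: short TTL so clients re-query soon after a change
$addrs = '203.0.113.10', '203.0.113.11', '203.0.113.12'   # placeholder site addresses

# Addresses already published for www, so re-running the script adds no duplicates.
$existing = @(Get-DnsServerResourceRecord -ZoneName $zone -Name $name -RRType A -ErrorAction SilentlyContinue |
    ForEach-Object { $_.RecordData.IPv4Address.ToString() })

foreach ($ip in $addrs) {
    if ($existing -notcontains $ip) {
        Add-DnsServerResourceRecordA -ZoneName $zone -Name $name -IPv4Address $ip -TimeToLive $ttl
    }
}

# Flag records that are in the zone but no longer on the list (for example the old single A record).
$stale = $existing | Where-Object { $addrs -notcontains $_ }
if ($stale) { Write-Warning "Published but not in the current list: $($stale -join ', ')" }

# Server-wide switches for answer rotation and netmask ordering.
Get-DnsServerSetting -All | Select-Object RoundRobin, LocalNetPriority

# Reachability of each published address; assumes the site is served on tcp/443.
foreach ($ip in $addrs) {
    $ok = (Test-NetConnection -ComputerName $ip -Port 443 -WarningAction SilentlyContinue).TcpTestSucceeded
    '{0,-15} tcp/443 reachable: {1}' -f $ip, $ok
}

# What an internal client receives; repeat the query to see the order rotate.
Resolve-DnsName -Name "$name.$zone" -Type A -Server localhost -DnsOnly |
    Select-Object Name, IPAddress, TTL
```

Because the hosting provider can change its address pool, the reachability loop is worth running on a schedule so a dead address is noticed before users hit it.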
  • Hi CaedenV,

    If the issue still exists, then you may provide detailed information about your requirements, such as what the IP addresses for the website are, what the record of the website in your internal DNS server is, and what the subnet of your internal domain is. You may use an invalid IP address to represent them; just make your environment clear for further discussion.

    Best Regards,

    Anne



    Thursday, November 17, 2016 9:09 AM
    Moderator
  • Hi,

    Have you made any progress with your issue? Could the above replies be of help? If yes, please mark the related reply as the answer; if not, feel free to give feedback.

    Best Regards,

    Anne



    Wednesday, November 23, 2016 2:20 AM
    Moderator