[Dnsmasq-discuss] How do others provide backup for their DNS? Ideas wanted

Michael michael at kmaclub.com
Wed Sep 1 20:04:24 UTC 2021


On 9/1/21 11:45 AM, Chris Green wrote:
> Thanks for the replies.
>
> It does seem that any sort of live failover for DHCP and/or DNS turns
> out to be quite complex.
>
> I am thus thinking that simply having a reasonably quick to start
> 'cold' backup makes sense.  I really don't mind if my LAN is DNS and
> DHCP'less for an hour or so, it can cope!
>
> The best idea (and I haven't really thought about the practicalities
> yet) I have had so far is a dual boot Raspberry Pi or similar that
> reboots itself to the 'other' OS in the small hours, backs up the
> 'main' OS (which is the dnsmasq server) and then reboots back to the
> 'main' server.  One then has a daily cloned image of the dnsmasq
> server which can be plugged into backup hardware if the server fails.
>
>

Hi Chris,


This is a topic that has come up periodically over the years and I too 
have watched with interest on how to best manage this.


I looked at using heartbeat and other failover service to handle any 
potential failure. but it just becomes so complicated if you are using 
DHCP too.   If you do just DNS, then this is all much simpler.


Here is what I am doing now:

1) Run dnsmasq (pihole actually) in a docker container on my 
"infrastructure" server.   It has a static IP/MAC separate from the 
infrastructure server.

2) Hourly, I rsync the docker data directory for pihole over to my 
desktop machine.   This contains the /etc/pihole directory, leases file, 
/etc/hosts file, etc.  It is a super tiny amount of data

3) On my desktop, I have docker installed and ready to go including the 
pihole install.


Then, when I have a failure or want to do maintenance, I just stop the 
pihole docker on the infrastructure server and start the pihole 
container on the desktop.   The service comes up with the same IP and 
MAC and the clients never know it happened.    When I am done, I just 
reverse the process.


It seems to work fine for my needs.


Michael






More information about the Dnsmasq-discuss mailing list