Solved Subdomain pointing to multiple IPs

August 18, 2017 at 10:04:24
Specs: Windows 10
We have three internet services (WANs) terminated on one router. Router does load balancing as well as failover management. Some of our clients use RDP(port 3389) and remote login on daily basis. Those are all business users and they use "subdomain.mydomain.com" to connect with RDP session. There is A record in DNS Zone for "subdomain.mydomain.com" which is pointing to static IP of one WAN.

Considering this scenario, when one WAN (with the static IP that was set in above subdomain) fails then users cannot login. During such cases we manually change A record and update the IP for the subdomain.

Someone suggested to create three A records for the same subdomain which are pointing to different IPs. Is this going to work when one ISP fails? Any other issues with this arrangement?

If you have any other better suggestion then please include in your replies.

message edited by AlexGrover


See More: Subdomain pointing to multiple IPs

Reply ↓  Report •

#1
August 18, 2017 at 10:48:42
I haven't considered this situation myself, but you might want to look into website load balancing and fail over solutions, to see if any of them are compatible with RDP. Failing that, you'll probably need an RD Gateway server and HTTPS fail over tech.

How To Ask Questions The Smart Way

message edited by Razor2.3


Reply ↓  Report •

#2
August 18, 2017 at 12:39:34
✔ Best Answer
We utilized VRRP technology with our VPN as well as our dual redundant core switches.

We have two WAN connections presently (we're looking at adding a third) and utilize the VRRP technology on our VPN gateway to provide redundancy.

You would have to investigate whether or not VRRP would work with a single router. I have no idea offhand if it would unless the router itself is VRRP capable. You'd have to check into the details on both VRRP and your equipment's capabilities to see if you could utilize this technology. I can tell you this much, if you have a single router with 3 WAN connections it is still a single point of failure so even if you have VRRP capability on it, you have no true redundancy. You could deal with loss of a WAN connection but if your router goes down, you're external traffic stops.

I would look at a separate router for each WAN connection.

I'm not sure exactly how the VPN is configured myself but I do know our external connections run through dual routers. My bailiwick is the LAN/MAN/WAN (excluding the physical external links - our VPN/BGP admin takes care of those) and I can tell you exactly how we use VRRP internally.

We have dual redundant 10/40 GB core switches....sides A and B.
A = .249
B = .251
VRRP IP = .250

.250 is the advertised gateway address on all client subnets (server subnets are routed by other routers) and clients all get .250 addresses. In reality, either .249 or .251 handles routing depending on which is primary at any given moment in time. VRRP handles the routing between the dual core switches.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***

message edited by Curt R


Reply ↓  Report •
Related Solutions


Ask Question