Dealing with Third Party DNS Failure

Last night I started getting notifications that services were offline, but when I checked the Peplink Balance One, nothing was wrong.

I finally figured out the problem: I have static IPs, and DNS records that point to these IPs are hosted by a third-party hosting provider. They were having a major DNS failure, with their servers either not returning any data, or in one case returning “SERVFAIL, id: 2707”.

Fortunately the DNS outage only lasted a few hours, but this leads me to ask the question:

What can I do to protect myself from that single point of failure of DNS?

  • Does the Balance One have the ability to let me know if a particular DNS host has gone down? Under Network / WAN / Health Check settings I could add my third party DNS hosts, but it looks like the Peplink would only alert me if ALL DNS has failed, but would not alert me if only some DNS has failed. Is there a way to get the Balance One to send me reports on partial failure?

  • Is there a way to have some other party handle DNS so that if my DNS provider goes down, it will fail over to the other company?

  • Does the Balance One have the ability to serve primary or secondary DNS?
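A per-nameserver check for the partial-failure case asked about above, as an added example that is not part of the original thread and not a Peplink feature: it queries each authoritative server directly and reports when only some of them fail. The function names are hypothetical, and the server addresses and `example.com` are placeholders.

```python
import secrets
import socket
import struct

RCODES = {1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid, qtype=1):
    """Encode a one-question DNS query (class IN, type A by default, RD=0)."""
    header = struct.pack("!HHHHHH", qid, 0, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def classify(reply, qid):
    """Map a raw reply (None means no reply) to 'OK' or a failure reason."""
    if reply is None or len(reply) < 12:
        return "TIMEOUT" if reply is None else "MALFORMED"
    rid, flags, _qd, ancount = struct.unpack("!HHHH", reply[:8])
    if rid != qid or not flags & 0x8000:      # wrong ID or not a response
        return "MALFORMED"
    rcode = flags & 0x000F
    if rcode:
        return RCODES.get(rcode, f"RCODE{rcode}")
    if not flags & 0x0400:                    # AA bit clear: server is not
        return "NOT_AUTHORITATIVE"            # authoritative for the zone
    return "OK" if ancount else "NODATA"

def probe(server_ip, name, timeout=2.0):
    """Query one authoritative server directly over UDP and classify the reply."""
    qid = secrets.randbelow(65536)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server_ip, 53))        # accept replies from this server only
            s.send(build_query(name, qid))
            reply = s.recv(512)
        except OSError:                       # timeout, unreachable, port closed
            reply = None
    return classify(reply, qid)

def summarize(results):
    """results maps server -> status; separate partial from total failure."""
    bad = {srv: st for srv, st in results.items() if st != "OK"}
    if not bad:
        return "ALL_OK", bad
    return ("TOTAL_FAILURE" if len(bad) == len(results) else "PARTIAL_FAILURE"), bad

if __name__ == "__main__":  # placeholder IPs from documentation ranges, not real servers
    print(summarize({ip: probe(ip, "example.com") for ip in ("192.0.2.53", "198.51.100.53")}))
```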

You can set any DNS server you want on the WAN page. If you are on a static IP, you are probably already entering them manually. If you are getting WAN settings automatically you can still un-check “obtain DNS servers automatically”. Typically you would use your ISP’s DNS server as they are on the same network so the reply will be faster. In another thread I explained that we are having trouble with Comcast/Xfinity DNS servers so I began using others.

You can always use public DNS servers. A Google search will give you a whole bunch of them. Ping a few, look at the response time to see who is a quick reply. Google’s own DNS is 8.8.8.8 and 8.8.4.4.

If your ISP is usually good but you want a backup, just use your ISP for DNS #1, and a public server for DNS #2.


Thanks, but that doesn’t solve the issue - the issue is that my DNS server for static IPs (which happens to be the same company that is my Registrar) went offline, which meant that people outside on the WAN could not connect into the LAN.

That’s a different problem than what you are addressing (when the peplink itself can’t resolve DNS and as a result people inside the LAN not being able to connect out to the WAN.)

Move your primary DNS hosting off your registrar’s servers. Instead use their servers as secondaries to a more robust service such as Amazon Route53 or Google Cloud DNS or Cloudflare DNS or even Dyn.

Good suggestions, but (perhaps?) overkill.
Would be nice if the Balance series could also serve DNS in this situation. Our DNS provider and ISP are different, so if the ISP is still up, our device could serve DNS during the break.

It is available on the Balance 305 and above; you may check on the Balance Model Comparison.

Maybe this post could help.
