Date: Wed, 22 Feb 2006 15:08:05 -0000 (GMT) From: bsd@bathnetworks.com To: "bsd" <bsd@todoo.biz> Cc: Liste FreeBSD <freebsd-questions@freebsd.org> Subject: Re: Multiple DNS Message-ID: <1233.192.168.0.107.1140620885.squirrel@192.168.0.50> In-Reply-To: <B2AC1179-2F0A-4153-9DC9-DBDD6D65C4F4@todoo.biz> References: <1140335174.19974.19.camel@lmail.bathnetworks.co.uk> <B2AC1179-2F0A-4153-9DC9-DBDD6D65C4F4@todoo.biz>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Le 19 févr. 06 à 08:46, Robert Slade a écrit : > >> Hi, >> >> I am looking for some advice. I have a network which is based on a >> number of servers running FreeBsd 6.0 serving Win XP work stations. >> (yes >> I know but..) The network is large enough to use DHCP and DNS for the >> internal network, I have setup a DHCP server with a Dynamic DNS >> (Bind 9) >> on one of the servers. That server is handling the LDAP side of the >> domain. >> > > Is your DNS server busy resolving internal requests or external ones ? Mostly external from what I can ascertain, it looks like the mail server (Qmail) doing lookups. > >> There appears to be a fair bit of DNS Traffic which leads to a >> secondary >> DNS being required to take some of the load as DNS lookup are slow. >> The >> question I have is should I just setup a cashing DNS on another server >> using the primary as a forwarder or even several servers eg the mail >> server and the secondary LDAP server, or should I setup a proper >> secondary DNS using my ISP as a forwarder with dynamic updates from >> the >> primary. >> > > You should not forward anything to your ISP. This is probably the > main reason for your DNS beeing slow. > > You should make shure you have well defined your network in your conf > (so that you don't resolve queries for outside users...)- > I would not advise you to forward any queries to your ISP as this > will disable the capacity for your own server to build It's own > resolver database and forward all the queries to the ISP (resulting > in slow answers)! I've now taken out the forwarders. > > > Normaly you should configure the master and the slave to be > authoritative for your internal domains. > And configure the master and the slave to resolve ALL the Internet > domains for your internal network and none for outside domains. > That is how I have setup the master, it only answer's queries from the internal network. > > DNS is very tightly related to network... And we don't have any clue > for the topology of your Net. > > > SHORT ANSWER : DON'T FORWARD --> BUILD YOUR OWN DATABASE!! > > >> Sorry if this is a bit vague, but I have no experience in this area. >> >> Rob >> > Thanks for the info, it has helped me. I had misunderstood the forwarders bit. Many thanks Rob
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1233.192.168.0.107.1140620885.squirrel>