From owner-freebsd-isp Wed May 30 14: 8:19 2001
Delivered-To: freebsd-isp@freebsd.org
Received: from localhost.my.domain (thoth.upan.org [204.107.76.16])
    by hub.freebsd.org (Postfix) with ESMTP id 3964B37B422
    for ; Wed, 30 May 2001 14:08:02 -0700 (PDT)
    (envelope-from mikel@ocsinternet.com)
Received: from ocsinternet.com (localhost [127.0.0.1])
    by localhost.my.domain (8.11.3/8.11.3) with ESMTP id f4ULJvB00740;
    Wed, 30 May 2001 17:19:58 -0400 (EDT)
    (envelope-from mikel@ocsinternet.com)
Message-ID: <3B141DE6.B67332A4@ocsinternet.com>
Date: Tue, 29 May 2001 18:08:38 -0400
From: Mikel King
X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Mark Drayton
Cc: Nick Rogness , freebsd-isp@FreeBSD.ORG
Subject: Re: Resolving DNS setup
References: <20010522185407.A30604@tethys.valhalla.net> <20010523090552.A6992@tethys.valhalla.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Mark,

Why not make your caching server a secondary for those zones you need to
provide your dialin LAN access to? Then just cache everything else...you
could certainly limit domain transfers to that server only on said
domains and even set up a replicating schedule to make your maintenance a
bit easier...

cheers,
mikel

Mark Drayton wrote:

> Nick Rogness (nick@rogness.net) wrote:
> > On Tue, 22 May 2001, Mark Drayton wrote:
> >
> > > Recently I set up a caching only nameserver at work which all our
> > > office machines, servers and dialup customers use for resolution
> > > instead of our two authoritative nameservers. A few days ago our
> > > internet connection went down, meaning that the caching nameserver
> > > couldn't get to the root nameservers and therefore couldn't resolve
> > > anything it didn't have cached. As it couldn't get to the root
> > > servers it also couldn't answer any queries for zones that we are
> > > authoritative for (even though the authoritative nameservers are on
> > > the same network).
> > >
> > > The end result of this was that customers who dialled into us
> > > couldn't see our site or pick up their mail as the caching
> > > nameserver wouldn't resolve the hostnames of the web/mail servers.
> >
> > One solution may be to add your authoritative name servers as
> > forwarders in your caching only server config.
>
> If I do that won't the caching servers pass *all* requests to the
> authoritative servers (unless it has a valid answer cached)? One of the
> reasons I'm setting up the caching servers is to take the load off of
> the authoritative servers. Ultimately I don't want the authoritative
> servers to answer recursive queries.
>
> I was looking through the BIND docs and it appears I can define 'forward
> zones' with their own list of forwarders that override the global
> forwarders {} statement. I might try configuring the caching nameserver
> with forward zones for all our zones to pass the requests to our
> authoritative servers. Any problems with this setup?
>
> > No, caching nameserver should get the info directly if it is not
> > cached locally, plain and simple. The TTL for that record on the
> > caching nameserver will take effect after it has been cached locally
> > on the caching nameserver.
>
> Hm, it seems to be working now...
>
> Cheers,
>
> --
>
> Mark Drayton
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
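
Added example, not part of the original thread: the two approaches discussed above (secondary zones on the caching server, as Mikel suggests, or per-zone forwarders, as Mark proposes) written out as BIND named.conf fragments. The zone name example.com, the 192.0.2.x addresses and the file paths are constructed placeholders, not values from the thread.

```conf
// ==== named.conf on an authoritative server (assumed at 192.0.2.10) ====
options {
    recursion no;                      // serve only its own zones, no recursive lookups
};

zone "example.com" {
    type master;
    file "master/example.com";         // placeholder path
    allow-transfer { 192.0.2.53; };    // only the caching server may pull the zone
};

// ==== named.conf on the caching server (assumed at 192.0.2.53) ====
// Use ONE of the two zone definitions below per zone, not both.

// Option A: caching server is a secondary for the local zone.
// It holds its own copy, so it keeps answering for example.com when the
// upstream link is down and the root servers are unreachable.
zone "example.com" {
    type slave;
    masters { 192.0.2.10; };
    file "slave/example.com";          // placeholder path
};

// Option B: forward zone with its own forwarders list.
// Only queries for example.com go to the authoritative servers;
// everything else is still resolved and cached from the roots.
zone "example.com" {
    type forward;
    forward only;                      // never fall back to the roots for this zone
    forwarders { 192.0.2.10; 192.0.2.11; };
};
```

With option A the caching server answers from its own copy of the zone, so it never has to reach the root servers for those names; option B needs no zone transfers but works only while the local authoritative servers are reachable.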