Date: Tue, 22 May 2001 11:19:12 -0700 From: "Brian" <bri@sonicboom.org> To: "Nick Rogness" <nick@rogness.net>, "Mark Drayton" <mark.drayton@4thwave.co.uk> Cc: <freebsd-isp@FreeBSD.ORG> Subject: Re: Resolving DNS setup Message-ID: <020b01c0e2eb$b7294120$3324200a@sonicboom.org> References: <Pine.BSF.4.21.0105221426060.91693-100000@cody.jharris.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is one reason why people separate authorative servers from resolvers.
Bri
----- Original Message -----
From: "Nick Rogness" <nick@rogness.net>
To: "Mark Drayton" <mark.drayton@4thwave.co.uk>
Cc: <freebsd-isp@FreeBSD.ORG>
Sent: Tuesday, May 22, 2001 12:35 PM
Subject: Re: Resolving DNS setup
> On Tue, 22 May 2001, Mark Drayton wrote:
>
> > Recently I set up a caching only nameserver at work which all our
> > office machines, servers and dialup customers use for resolution
> > instead of our two authoritative nameservers. A few days ago our
> > internet connection went down, meaning that the caching nameserver
> > couldn't get to the root nameservers and therefore couldn't resolve
> > anything it didn't have cached. As it couldn't get to the root servers
> > it also couldn't answer any queries for zones that we are
> > authoritative for (even though the authoritative namesevers are on the
> > same network).
> >
> > The end result of this was that customers who dialled into us couldn't
> > see our site or pick up their mail as the caching nameserver wouldn't
> > resolve the hostnames of the web/mail servers.
> >
> > Obviously this is a Bad Thing and I'd like to sort it out, especially
> > as I'm going to add another caching nameserver in the near future.
> > What would be the best way of fixing this? My thoughts so far are:
>
>
> One solution maybe to add your authoritative name servers as
> forwarders in your caching only server config.
>
>
>
> >
> > a) make the caching nameserver a slave for all the domains held on our
> > authoritative nameservers
>
> That would work too.
>
>
> >
> > b) define all our domains as stub zones on the caching nameserver
> >
> > Another problem with the caching nameserver is it's very slow to pick
> > up *new* RRs on our authoritative servers (I know I need to wait for
> > the TTL to expire on changed records). Will the caching nameserver
> > wait for the TTL of the zone to expire before it asks the
> > authoritative servers, *even when it has no cached answer to the
> > query*?
> >
>
> No, caching nameserver should get the info directly if it is not
> cached locally, plain and simple. The TTL for that record on
> the caching nameserver will take affect after it has been cached
> locally on the caching nameserver.
>
>
> Nick Rogness <nick@rogness.net>
> - Keep on Routing in a Free World...
> "FreeBSD: The Power to Serve!"
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?020b01c0e2eb$b7294120$3324200a>