From: "Brian"
To: "Nick Rogness", "Mark Drayton"
Subject: Re: Resolving DNS setup
Date: Tue, 22 May 2001 11:19:12 -0700
Sender: owner-freebsd-isp@FreeBSD.ORG

This is one reason why people separate authoritative servers from resolvers.

Bri

----- Original Message -----
From: "Nick Rogness"
To: "Mark Drayton"
Sent: Tuesday, May 22, 2001 12:35 PM
Subject: Re: Resolving DNS setup

> On Tue, 22 May 2001, Mark Drayton wrote:
>
> > Recently I set up a caching only nameserver at work which all our
> > office machines, servers and dialup customers use for resolution
> > instead of our two authoritative nameservers. A few days ago our
> > internet connection went down, meaning that the caching nameserver
> > couldn't get to the root nameservers and therefore couldn't resolve
> > anything it didn't have cached. As it couldn't get to the root servers
> > it also couldn't answer any queries for zones that we are
> > authoritative for (even though the authoritative nameservers are on the
> > same network).
> >
> > The end result of this was that customers who dialled into us couldn't
> > see our site or pick up their mail as the caching nameserver wouldn't
> > resolve the hostnames of the web/mail servers.
> >
> > Obviously this is a Bad Thing and I'd like to sort it out, especially
> > as I'm going to add another caching nameserver in the near future.
> > What would be the best way of fixing this? My thoughts so far are:
> >
>
> One solution may be to add your authoritative name servers as
> forwarders in your caching only server config.
>
> > a) make the caching nameserver a slave for all the domains held on our
> > authoritative nameservers
>
> That would work too.
>
> > b) define all our domains as stub zones on the caching nameserver
> >
> > Another problem with the caching nameserver is it's very slow to pick
> > up *new* RRs on our authoritative servers (I know I need to wait for
> > the TTL to expire on changed records). Will the caching nameserver
> > wait for the TTL of the zone to expire before it asks the
> > authoritative servers, *even when it has no cached answer to the
> > query*?
>
> No, caching nameserver should get the info directly if it is not
> cached locally, plain and simple. The TTL for that record on
> the caching nameserver will take effect after it has been cached
> locally on the caching nameserver.
>
> Nick Rogness
> - Keep on Routing in a Free World...
> "FreeBSD: The Power to Serve!"
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
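
An added example, not part of the original thread: a Python check that reads a caching resolver's configuration and lists the locally hosted zones that have no slave or stub declaration (options a and b in Mark's message), which are the zones still looked up by recursing from the root servers. BIND named.conf syntax, the zone names, the 192.0.2.x addresses and the function names are assumptions constructed for illustration.

```python
import re

# Constructed resolver config (BIND named.conf syntax is an assumption; the
# zone names and 192.0.2.x addresses are placeholders, not from the thread).
CACHING_NAMED_CONF = '''
options { directory "/etc/namedb"; recursion yes; };
zone "." { type hint; file "named.root"; };

// option (a): full local copy of the zone, transferred from the masters
zone "example.com" {
    type slave;
    masters { 192.0.2.1; 192.0.2.2; };
    file "s/example.com";
};
// option (b): only the NS records are fetched; lookups go to those servers
zone "example.net" {
    type stub;
    masters { 192.0.2.1; 192.0.2.2; };
    file "stub/example.net";
};
'''
# Constructed list of zones held on the authoritative servers.
OWN_ZONES = ["example.com", "example.net", "example.org"]
# Zone types that let the resolver answer without walking down from the roots.
LOCAL_TYPES = {"master", "slave", "stub"}


def zone_types(conf):
    """Map each zone name in a named.conf text to its declared type."""
    conf = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', conf, flags=re.S)
    zones = {}
    for m in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:  # walk to the matching close brace
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        t = re.search(r'\btype\s+([\w-]+)\s*;', conf[m.end():i - 1])
        zones[m.group(1).rstrip('.').lower() or '.'] = t.group(1) if t else None
    return zones


def zones_needing_roots(conf, own_zones):
    """Own zones the resolver can only find by recursing from the root servers."""
    declared = zone_types(conf)
    return [z for z in own_zones
            if declared.get(z.rstrip('.').lower()) not in LOCAL_TYPES]


if __name__ == "__main__":
    print("resolved via the roots:", zones_needing_roots(CACHING_NAMED_CONF, OWN_ZONES))
```

The check covers only per-zone declarations; a global forwarders statement, as suggested in Nick's reply, is not evaluated.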