Date: Wed, 23 May 2001 09:05:52 +0100
From: Mark Drayton
To: Nick Rogness
Cc: freebsd-isp@freebsd.org
Subject: Re: Resolving DNS setup

Nick Rogness (nick@rogness.net) wrote:
> On Tue, 22 May 2001, Mark Drayton wrote:
>
> > Recently I set up a caching only nameserver at work which all our
> > office machines, servers and dialup customers use for resolution
> > instead of our two authoritative nameservers. A few days ago our
> > internet connection went down, meaning that the caching nameserver
> > couldn't get to the root nameservers and therefore couldn't resolve
> > anything it didn't have cached. As it couldn't get to the root
> > servers it also couldn't answer any queries for zones that we are
> > authoritative for (even though the authoritative nameservers are on
> > the same network).
> >
> > The end result of this was that customers who dialled into us
> > couldn't see our site or pick up their mail as the caching
> > nameserver wouldn't resolve the hostnames of the web/mail servers.
>
> One solution may be to add your authoritative name servers as
> forwarders in your caching only server config.

If I do that won't the caching servers pass *all* requests to the
authoritative servers (unless it has a valid answer cached)? One of the
reasons I'm setting up the caching servers is to take the load off of
the authoritative servers. Ultimately I don't want the authoritative
servers to answer recursive queries.

I was looking through the BIND docs and it appears I can define
'forward zones' with their own list of forwarders that override the
global forwarders {} statement. I might try configuring the caching
nameserver with forward zones for all our zones to pass the requests to
our authoritative servers. Any problems with this setup?

> No, caching nameserver should get the info directly if it is not
> cached locally, plain and simple. The TTL for that record on the
> caching nameserver will take effect after it has been cached locally
> on the caching nameserver.

Hm, it seems to be working now...

Cheers,

-- 
Mark Drayton
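
The forward-zone arrangement proposed in this message, written out as a named.conf sketch. This is an added example, not part of the original e-mail or of either poster's configuration; the zone names (example.com, 2.0.192.in-addr.arpa), the 192.0.2.x addresses and the file paths are placeholder assumptions.

```conf
// ---- caching-only resolver (assumed address 192.0.2.10) ----
options {
    directory "/etc/namedb";          // assumed path
    recursion yes;
    // Only answer recursive queries from our own networks (assumed range).
    allow-recursion { 192.0.2.0/24; };

    // Deliberately NO global "forwarders { ... };" statement here:
    // a global forwarder list would send every cache miss to the
    // authoritative servers, which is the load the thread wants to avoid.
};

// Everything that is not one of our zones is resolved from the roots.
zone "." {
    type hint;
    file "named.root";                // assumed file name
};

// Per-zone forwarding: queries for our own zones go straight to the
// authoritative servers on the local network, so they do not depend
// on reaching the root servers.
zone "example.com" {
    type forward;
    forward only;                     // never fall back to the roots
    forwarders { 192.0.2.53; 192.0.2.54; };
};

// Reverse zone for the same network, handled the same way.
zone "2.0.192.in-addr.arpa" {
    type forward;
    forward only;
    forwarders { 192.0.2.53; 192.0.2.54; };
};

// ---- authoritative servers (192.0.2.53 / 192.0.2.54), separate file ----
// options {
//     recursion no;                  // answer only for zones they host
// };
// zone "example.com" { type master; file "example.com.db"; };
```

Each zone the site is authoritative for needs its own forward zone on the resolver, so the list has to be kept in step with the zones hosted on the authoritative servers.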