Distributing DNS servers

Barrett Richardson barrett at phoenix.aye.net
Sat Aug 28 01:08:29 UTC 1999



On 27 Aug 1999, Barry Margolin wrote:

> In article <Pine.BSF.4.01.9908271847340.23631-100000 at phoenix.aye.net>,
> Barrett Richardson  <barrett at phoenix.aye.net> wrote:
> >Hmm. There is only on exit point to the Internet on this particular
> >network. They have exhausted their address space and have resorted
> >to using some IP's in the 172.16 - 172.xx range. Some segments are
> >on these IP's, some on registered IP's. What I was thinking of was
> >haveing multiple a.b.c.d's, (the authorative primary) potentially
> >on the 172.xx networks as well. With a single entry point into the network
> >the border router (actually the firewall just behind it) will have no way
> >of knowing which a.b.c.d to send a packet too. I guess I need to have
> >unique sources inside the firewall that all the other nameservers
> >behind the firewall forward requests for hosts outside the domain to.
> 
> All the a.b.c.d's should be equivalent, so it doesn't matter which a.b.c.d
> they send the packet to, does it?
>


I was concerned that an answer to a query would go to an a.b.c.d
that did not send the query and it would be clueless what to do
with it. The "query-source" solves that issue. Thanks for your
generous insight. 

-

Barrett

> 
> Right.  You can use the "query-source" option to specify a particular
> source address that is forced on queries that named sends out.
> 
> As I mentioned, we've been using a similar configuration (except we don't
> have the firewall complication that you have) for several months and it
> works like a charm.
> 



More information about the bind-users mailing list