Forwarders and performance
Glen Turner
glen.turner at adelaide.edu.au
Mon Oct 25 05:30:40 UTC 1999
Steve Snyder wrote:
> 2. There is a long term (named has been running for a while) gain to
> *not* having these to options defined as this forces all name resolution
> to be done via the root nameservers.
This depends on your round-trip time to the root nameservers.
A trans-Pacific hop to a root nameserver will cost 160mS to
480mS, so we in Australia always win by forwarding to a
well-populated forwarder located on the near side of the
big hop.
As an aside, you should be careful whom you are resolving
queries for if you are running a caching name server.
Otherwise they can be used to launch a denial of service
attack nearby well-connected machines (such as your
organisation's web server). See the advisory at
ftp://ftp.auscert.org.au/pub/auscert/advisory/AL-1999.004
--
Glen Turner Network Specialist
Tel: (08) 8303 3936 Information Technology Services
Fax: (08) 8303 4400 The University of Adelaide 5005
Email: glen.turner at adelaide.edu.au South Australia
More information about the bind-users
mailing list