Tricky DNS configuration. Help!

Jim Reid jim at rfc1035.com
Thu Aug 24 14:29:15 UTC 2000


>>>>> "Tony" == Tony Bassette <kult at april.org> writes:

    Tony> 	I need to set up a DNS for an intranet (that's the
    Tony> easy part).  Let's call this "G".
    Tony> 	This DNS delegates zones to other servers that are not
    Tony> on the same network.  Let's call them F1 and F2.

Please use the real domain names. It's simpler for everyone. Inventing
names just confuses everyone. What if your invented names happened to
be real domain names?

    Tony> 	On F1 and F2, is it possible to configure the DNS so
    Tony> that it searches both the ISP's DNS and the "G" DNS for
    Tony> domain resolution?

Yes.

    Tony> 	For example, F1 handles the toto.com domain (intranet)
    Tony> and F2 handles the titi.com domain (intranet) and "G"
    Tony> handles plop.com (intranet) but recognizes toto.com and
    Tony> titi.com thanks to the zone delegation.

    Tony> 	How do I configure the DNS of F1 and F2 for this?

Tell the three name servers about each other and the domain names
of the intranets that they serve. The simplest way to do that is make
them slave servers for each other's intranet's zones. This will work
provided the name servers allow zone transfers and the firewalls
between the nets allow DNS traffic to pass. It's also possible to tell
the name servers about each other's name spaces by using zone-specific
forwarding, but I don't recommend that. For one thing it's uglier and
harder to maintain. It can also break if the name server on the other
guy's net gets renumbered.

    Tony> 	My new problem is this: what hardware setup is needed
    Tony> to handle requests from 150 000 users?

It depends. How many DNS requests do these users make? How many of
those requests involve the name server in querying other name servers
to resolve the user's query? What other DNS load does the server
support? What other applications run on the same box as the server?
What other traffic goes through the routers and LAN used by the name
server? If you can have dedicated systems for name servers, I'd guess
that a modest PC running some flavour of free Unix would be good
enough for your needs. But this depends on the things you've not told
us, so it's hard to say for sure.

DNS is not usually compute-intensive. However, name servers like to
keep all of their cache in RAM. So a system with lots of memory and no
other memory-hungry applications is generally the best platform for
name service. The size of the cache is a function of what names are
looked up by the clients that query the name server and how long those
names get cached. On most name servers, the size of the cache
stabilises after 1-2 weeks of running.
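
The slave-zone arrangement described in the message above, sketched as a named.conf for F1. This is an added example, not part of the original message; the IP addresses, file paths and ACL name are constructed placeholders, and the zone names are the invented ones from the question.

```conf
// named.conf on F1, the master for toto.com.
// Constructed placeholder addresses (not from the original message):
//   G = 192.0.2.1, F1 = 192.0.2.11, F2 = 192.0.2.12
// Firewalls between the nets must pass port 53 on both UDP (queries)
// and TCP (zone transfers) between these three hosts.

acl "intranet-peers" { 192.0.2.1; 192.0.2.12; };   // G and F2

options {
    directory "/var/named";
    // Refuse zone transfers by default; zones opt in individually.
    allow-transfer { none; };
};

// F1's own zone: only the two peer servers may transfer it.
zone "toto.com" {
    type master;
    file "master/toto.com";
    allow-transfer { "intranet-peers"; };
};

// Slave copy of F2's zone, pulled from F2.
zone "titi.com" {
    type slave;
    masters { 192.0.2.12; };
    file "slave/titi.com";
};

// Slave copy of G's zone, pulled from G.
zone "plop.com" {
    type slave;
    masters { 192.0.2.1; };
    file "slave/plop.com";
};
```

F2 and G carry the mirror image of this file: each is master for its own zone with transfers limited to the other two servers, and slave for the remaining two zones.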


