Recursion, forwarders and server configuration in general

Mon Oct 1 17:26:52 UTC 2001

In article <9pa5vl$2kl at pub3.rc.vix.com>,
Michael Kjorling  <michael at kjorling.com> wrote:
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>On Oct 1 2001 08:13 -0700, Bilbo Baggins wrote:
>
>> Let's consider the following environment:
>>
>> ** NSa
>> Holds data for foo.com as a master
>> Has forward-only set up, and forwarders point to NSb
>>
>> ** NSb
>> Holds data for foo.com as a slave
>>
>> ** RS1
>> Host whose resolver is pointing to NSa. The resolver asks recursive
>> queries.
>
>You shouldn't point a resolver to an authorative name server if you
>can avoid it, but let's skip that for the moment.
>
>
>> ## Question 1 (just a confirmation):
>> Queries from RS1 regarding www.foo.com will be addressed directly from
>> NSa?
>> I suppose yes.
>
>Yes. Unless www.foo.com is delegated to some other server, in which
>the answer will be a referral if NSa does not perform recursion on
>behalf of RS1 or RS1 did not request recursion (rd flag cleared in
>query). If NSa performs recursion and RS1 did request that a recursive
>query should be made, then the answer will consist of exactly the data
>asked for.
>
>
>> ## Question 2 (just a confirmation):
>> Queries from RS1 regarding www.bar.com will still be treated by NSa in
>> a recursive way? That is, RS1 won't have to bother contacting NSb,
>> correct?
>> I suppose yes.
>
>See above. RS1 is free to ask recursive queries or non-recursive

Stub resolvers (which is what virtually all hosts use) always ask recursive
queries.

>queries; NSa will never perform recursion unless asked, and even if it
>is asked to may deny that depending on its settings with regards to
>recursion availability.

The default is to allow recursion, and he didn't say it has "recursion no"
configured, so I think we can presume that it will perform recursion for
RS1.

Since NSa has "forward only" configured, it will forward all recursive
queries to NSb if it doesn't already have the answer in its cache.  It will
never go out to the root servers itself.

>
>> ## Question 3 (another confirmation...):
>> In case the answer to the previous question (no. 2) is yes, the query
>> originating from NSa to NSb will be recursive?
>> I suppose yes.
>
>Why should the master server query its slave in the first place? NSb
>was never authorative for bar.com.

What are you talking about?  He said "forwarders point to NSb".

The answer to his question is yes, when a server sends a query to its
forwarders, the query is recursive.

If you don't have "forwarders" configured, then a recursive server will
work its way down from the root servers, asking non-recursive queries to
each server along the way.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.