Win2k forgets Nameserver?

Marc.Thach at Marc.Thach at
Thu Oct 4 09:53:39 UTC 2001

note that if you use BIND 8 (8.2.3 or later), the forwarder selection and
timeouts are treated like a delegation (good), but if you use BIND 9 then
they're not.  With BIND 9.2 and three forwarder entries I have seen uneven
forwarder timeouts, with the first forwarder timing out in 12 seconds and
then subsequent tmeouts 2 seconds.  This is pretty undesirable, obviously
the first timeout is the most critical.  By increasing the number of
forwarders to nine, all timeouts were at approximately two seconds, I
didn't test intermediate numbers of forwarders.  This was tested using
selective forwarding, I assume that global forwarding would be the same.
Note also that these were not unique forwarders, fowarder addresses may be
listed more than once.  I haven't tested any BIND 9.1 variants.
To conclude, if you are using BIND 9 then you should not list just two
forwarders.  If there are two actual forwarders I'd list forwarders as
{IP1; IP2; IP1; IP2; ..... }.  make IP1 a fake IP address and see how long
queries take to resolve (from IP2).  Increase the number of times the IPs
are listed until that resolution time is OK, and then put the right
adddress in for IP1.  Modify accordingly if your ISP has more caching
Marc TXK
The views expressed are personal and do not necessarily reflect those of
the organisation providing the mail address from which this message was

                    Simon Waters                                                                                      
                    <Simon at        To:     undisclosed-recipients:;                                        
          >                cc:                                                                     
                    Sent by:                  Subject:     Re: Win2k forgets Nameserver?                              
                    04/10/2001 02:25                                                                                  

None wrote:
> OK, I think I see what we did. We had the two internal and one external
> DNS servers listed in DHCP and the external DNS did not have our
> internal sites. We should have listed the external server as a forwarder
> instead of as a separate DNS server. Is that correct?

You got it, although forwarding has been much criticised in the
list before for valid reasons. More than one forwarder is
probably a good idea if you do forward, most ISPs have two or
more caching name servers. Think about just resolving off the
root servers from your DNS servers as well.

More information about the bind-users mailing list