resilient designs for reaching root servers

Simon Waters Simon at wretched.demon.co.uk
Fri Jul 12 20:49:59 UTC 2002


Herb wrote:
> 
> I have two BIND 8.2.2 servers, S and T.  50% of my resolvers ("group A") list
> S first in resolv.conf and then T, and the other 50% ("group B") the other
> way.  S and T are secondaries for an internal domain (both fwd and reverse
> zones).  Both S and T can query the internet dns for answers.  S and T do not
> supply internal info to the Internet.
> 
> If the wire that links (say) S to the Internet is cut, external queries from
> group A will not be answered (unless they're already in S's cache).

But S returns SERVFAIL, and then the clients ask T for the
answer, don't they? Try it!

Depending on the resolver libraries in use in groups A and B,
they may query either server first - order listed is not
required to be strickly followed. DNS clients do all sorts of
different things.


More information about the bind-users mailing list