fowarding vs named.ca

Joseph S D Yao jsdy at center.osis.gov
Tue Jul 12 20:55:28 UTC 2005


On Tue, Jul 12, 2005 at 07:45:53AM -0700, Jim Popovitch wrote:
> --- Joseph S D Yao <jsdy at center.osis.gov> wrote:
> > On Tue, Jul 12, 2005 at 03:30:18AM -0400, Jim Popovitch wrote:
> > > On Mon, 2005-07-11 at 14:28 -0400, Joseph S D Yao wrote:
> > > > As Barry and Brad noted, you seem to be misunderstanding how the name
> > > > server works.  You should not be forwarding to a local cacheing server,
> > > > but using your own cache.  You will hit a root server maybe once every
> > > > few months.
> > > 
> > > Well, I did 15 mins of tests last night....
> > > 
> > > ~$ tcpdump port domain | egrep -i "> [a-m].root-servers.net" | wc -l
> > >  18
> > > 
> > > no forwarders... seems like a few every minute. ;)
> > > 
> > > -Jim P.
> > 
> > Out of how many lines?  And, had you just started up?  ;-)
> 
> ~$wc -l domain.log
> 1922
> 
> And no, it wasn't just started.  Iam going to email you the log privately.
> 
> -Jim P.

OK, 18 lines is approximately 9 queries and 9 responses.  Besides the
TLDs that your name server hadn't seen before, or had expired out of
cache (Spain, Poland, India), I learned something I either had forgotten
or had never known.  The root name servers also serve in-addr.arpa.  So,
any time you look up an IP address with one of the 256 starting octets
that you haven't seen before, or that has expired out of cache, you get
to visit your closest root name server again.

This is still no reason to forward to another name server out there; it
would just have to make the same query.  One reason to forward to a name
server is if there is much better connectivity between you and it, and
it and the public Internet, than you have directly to the public
Internet.  E.g., a proxying firewall.  Or a server in your office that
has T3 (45 Mbps) connectivity out while you have 56Kb out (but 100Mbps
to it).  ;-)

-- 
Joe Yao
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.



More information about the bind-users mailing list