Some hints on DNS config? [part 2]

Barry Margolin barmar at alum.mit.edu
Thu Jul 14 00:50:08 UTC 2005


In article <db3q4c$822$1 at sf1.isc.org>,
 Kimi Ostro <kimimeister at gmail.com> wrote:

> Hello again,
> 
> I've spent some time reading various places including previous posts to
> this list via Google Groups and am pretty convinced that my config is
> next to useless, especially regarding caching/forwarding.
> 
> So, would using my ISP's nameserver be redundant?

It is in most cases.

> and if I had one
> master (authoritative) and two slaves (non-authoritative), the slaves

Slaves should be authoritative for the zones they host.

> would still be caching? and on the master I would not need a
> root.hints?

Master/slave and caching are totally independent.  A server is a master 
or slave for specific zones.  Separately from this, it will recurse when 
queried for names outside these zones (assuming the query has the 
Recursion Desired flag), and cache the results; however, you can use the 
allow-recursion named.conf option to restrict who can request these 
recursive queries.

It's recommended to use separate servers for authoritative and caching 
services.  So you should have a couple of caching-only servers that use 
root.hints and are not master or slave for any of your domains (but it's 
conventional to make them masters for "localhost" and 
"127.in-addr.arpa").  Then you should have a master server for the 
domains you host, and at least one slave server for those zones.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
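
Added example, not part of the original post: a sketch of the split described in the reply above, with caching-only resolvers that restrict recursion via allow-recursion and separate authoritative servers with recursion disabled. The addresses (192.0.2.0/24 documentation range), the zone example.com, the ACL name and all file names are assumptions.

```conf
// ---- caching-only resolver: named.conf (constructed example) ----
acl "clients" { 127.0.0.1; 192.0.2.0/24; };   // assumed internal networks

options {
    directory "/var/named";
    recursion yes;
    allow-recursion { "clients"; };   // only these sources may request recursion
    allow-query     { "clients"; };   // refuse queries from anyone else
};

zone "." { type hint; file "root.hints"; };   // needed only on the resolvers

// conventional local zones; not master or slave for any hosted domain
zone "localhost"        { type master; file "localhost.zone"; };
zone "127.in-addr.arpa" { type master; file "127.in-addr.arpa.zone"; };

// ---- authoritative master: named.conf on a separate host ----
options {
    directory "/var/named";
    recursion no;                     // answers only for the zones it hosts
    allow-transfer { 192.0.2.54; };   // assumed address of the slave
};

zone "example.com" { type master; file "example.com.zone"; };

// ---- authoritative slave: named.conf on a third host ----
options {
    directory "/var/named";
    recursion no;
    allow-transfer { none; };
};

zone "example.com" {
    type slave;
    masters { 192.0.2.53; };          // assumed address of the master
    file "slaves/example.com.zone";
};
```

Each of the three fragments is a separate named.conf; named-checkconf validates the syntax of each before it is loaded.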



More information about the bind-users mailing list