Documentation of forwarding behaviour ?
d.thomas at its.uq.edu.au
Mon Nov 27 23:30:31 UTC 2006
We want to run a local caching name-server on some of our busier systems
to overcome the horrible behaviour of unix resolvers in always consulting
name-servers in the order listed in resolv.conf, i.e. every dns lookup gets
slowed down when the first name-server in that list becomes unreachable.
The local name-server will be setup to forward to our main name-servers,
but this will only help (apart from cached records) if named is smarter
than resolvers, i.e. does not continue to try forwarders in the order
listed in the config file. It would seem named really was this dumb until:
1367. [func] Use response times to select forwarders.
so it would seem the list of forwarders is now effectively dynamically
re-ordered so the fastest responding forwarder is tried first. Presumably
each forwarder needs to be tried occasionally to keep the list of response
times up to date. Response times may also vary dramatically depending
on whether the answer can be found in the forwarder's cache, so maybe
the minimum response time is a better metric than the average response
time on the assumption it reflects a cached reply.
Can somebody confirm this dynamic re-ordering is now the case ?
It would also be useful to have a rough idea on how quickly named moves
from trying what was the fastest responding forwarder when that becomes
The 9.4.0b4 ARM documentation listed below does not seem to have been
updated to reflect this change, e.g.
"they are queried in turn"
NB the 9.4.0b4 CHANGES file does not list any 9.3 releases, so I had to
go back to a 9.3.x CHANGES file to find the first release with 1367.
Perhaps the lack of 9.3 releases comes from how development was branched?
Even a caching name server does not necessarily perform the complete
recursive lookup itself. Instead, it can forward some or all of the queries
that it cannot satisfy from its cache to another caching name server,
commonly referred to as a forwarder. There may be one or more forwarders,
and they are queried in turn until the list is exhausted or an answer
is found. Forwarders are typically used when you do not wish all the
servers at a given site to interact directly with the rest of the
Internet servers. A typical scenario would involve a number of internal
DNS servers and an Internet firewall. Servers unable to pass packets
through the firewall would forward to the server that can do it, and
that server would query the Internet DNS servers on the internal
The forwarding facility can be used to create a large site-wide cache
on a few servers, reducing traffic over links to external name servers.
It can also be used to allow queries by servers that do not have direct
access to the Internet, but wish to look up exterior names anyway.
Forwarding occurs only on those queries for which the server is not
authoritative and does not have the answer in its cache.
forward This option is only meaningful if the forwarders list is not
empty. A value of first, the default, causes the server to query the
forwarders first Ñ and if that doesnÕt answer the question, the server
will then look for the answer itself. If only is specified, the server
will only query the forwarders.
forwarders Specifies the IP addresses to be used for forwarding.
The default is the empty list (no forwarding). Forwarding can also be
configured on a per-domain basis, allowing for the global forwarding
options to be overridden in a variety of ways. You can set particular
domains to use different forwarders, or have a different forward
only/first behavior, or not forward at all, see Section 6.2.23.
d.thomas at its.uq.edu.au Danny Thomas,
+61-7-3365-8221 Software Infrastructure,
http://www.its.uq.edu.au ITS, The University of Queensland
More information about the bind-users