Zone Forwarding and Avertised NS
Kevin Darcy
kcd at daimlerchrysler.com
Fri Oct 20 01:04:50 UTC 2006
April wrote:
> If the forwarder is not included as the avertised NS, will the next
> time the forwarding server goes to the avertised NS, instead of the
> specified forwarder?
No, it won't start going to the published NS'es just because it saw them
on a previous query, *however*, if you have a forwarding mode of
"forward first" specified (or no forwarding mode at all, since,
surprisingly, "forward first" is the default mode), then your resolver
*may* fall back to iterative resolution if the forwarders become
unavailable, and if the NS records for the zone still happen to be in
the cache, it'll use them. So, indirectly and under certain
circumstances, it is possible that those NS records may cause some of
your queries to be sent to the nameservers listed therein.
> If so, any way to force it goes to the specified
> forwarder only?
>
A forwarding mode of "forward only" is sufficient to prevent your
resolver from ever using NS records to determine what nameservers to
query for a given zone (unless of course forwarding is overridden
somehow at that point in the hierarchy or higher). "forward only" is the
mode one should always use when using forwarding to deal with a
connectivity issue/challenge (e.g. being firewalled off from direct
Internet querying). "Forward first", on the other hand, is strictly of
use in optimizing query performance/latency for machines that already
have the requisite connectivity to resolve anything they want _without_
using forwarding.
- Kevin
More information about the bind-users
mailing list