nslookup tries only first dns in resolv.conf
Kevin Darcy
kcd at daimlerchrysler.com
Tue Oct 24 01:47:25 UTC 2006
linuxnewbie1234 wrote:
> Hi all, not sure it's the right NG but...
>
> We have an internal network of linux computers, with an internal DNS to
> resolve internal names, then we have two external DNSs to resolve
> external names.
> So in the internal computers, resolv.conf contains 3 entries.
>
> Now, internal linux machines query only the FIRST dns server written in
> resolv.conf, failing to resolve SOME(*) external names.
>
> Question: why don't these machines try the other DNSs in resolv.conf?
> And: what is the proper configuration to make the thing work?
>
>
> TIA
> (*) for a reason not exactly known to me right now, the internal DNS is
> capable to resolve also many external names, that's why many external
> names are anyway resolved by the internal computers.
>
The list of resolvers is only to provide fallback in case one or more of
them fail or become available. The first answer to be received is taken
as definitive and none of the other nameservers in the list are
consulted. The resolver list is *not* intended to provide some sort of
"second opinion" if the client is told that the name doesn't exist, or
that it exists but owns no data of the requested type. All of the
"nameservers" (actually resolvers) mentioned in /etc/resolv.conf are
considered to be looking at the *same* namespace, so there's no point in
asking others if one already has the response to one's query.
If you want some names to be visible in both the internal *and* external
DNS, you'll need to create them and maintain them in parallel. That's
just a hard fact of life for administrators/architects using BIND.
- Kevin
More information about the bind-users
mailing list