forwarding options?

Matus UHLAR - fantomas uhlar at fantomas.sk
Fri Feb 1 08:01:20 UTC 2008


Hello,

I'll consider the rest, but until then:

> Matus UHLAR - fantomas wrote:
> > I can't put those rbldnsd's behind balancer, 
> > but even if I did, I first want
> > to query my local rbldns server, then any others (public).

On 31.01.08 21:05, Kevin Darcy wrote:
> Hmmm... okay. Now you're introducing some distinction between "local" 
> rbldns and "public" rbldns that I don't quite understand (obviously by 
> "local" you don't mean "running on the same box as BIND", since you 
> ruled out that option above, so what does "local" really mean?)

I think a piece of configurastion explains it:

zone "blah" {
	forward first;
	forwarders { IP; };
}:

BIND first forwards request to the IP, and when response doesn't come until
timeout, it continues resolving the usual way. I want to control the
timeout. It doesn't mean if the IP is on local machine, local network or
wherever. Shit may happen and I'd like to avoid timeouts when the response
from the IP doesn't come.

> > Because that is a different problem than the first one. Our "cache farm"
> > means multiple recursive BIND servers on one network (behind load balancer).
> > If one of them receives a request, I don't mind if it asks each other before
> > it starts querying public servers (the access to local network is faster
> > with more bandwidth available than access to most of the intenet).
> >
> > But if recursive requests would be send, caches caches would keep asking
> > each other until the timeout. So we have multiple caches that are unable to
> > cooperate with each other.

> That's an intriguing idea, a mechanism to have a farm of iterative 
> resolvers "opportunistically" and non-recursively query each other in 
> parallel with their normal iterative-resolution process. Perhaps you 
> should suggest that to ISC.

I first wanted to see people's opinions here. Maybe there's a problem I
don't see which makes the idea nice but impossible or dangerous.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -- Benjamin Franklin, 1759



More information about the bind-users mailing list