Understanding concepts
Kevin Darcy
kcd at chrysler.com
Fri Feb 15 04:14:35 UTC 2008
F GV wrote:
> Hi everyone,
>
> I would like to understand clearly this concepts. I
> have read about them but just want to confirm.
> Thanks in advance.
>
> What forward is for?
> What recursion is for?
>
>
Recursive resolution is the act of getting someone else to do the name
resolution for you and pass you back the result. Kind of like paying
someone to fix your car instead of trying to do fix it yourself.
The opposite of recursive resolution is iterative resolution, where you
do the hard work of following the delegation/referral hierarchy all of
the way down from the root zone (if necessary), as well as handling
CNAME indirection, fetching glue, and other adjunct tasks. Every
recursive query, even if it passes through a chain of several devices,
each passing a recursive query to the next one in the chain, must
ultimately be handled by an iterative resolver. Someone must take
responsibility for actually resolving the query, and iterative resolvers
are the workhorses that do that.
"Forward" is a somewhat BIND-specific term that tells "named" to issue
recursive (see above) queries to some other nameserver or set of
nameservers, instead of trying to resolve the names itself. Forwarding
is overridden by authoritative data (i.e. if you are master or slave for
a zone you won't forward any queries for names in that zone) and is not
performed if the answer is found in cache. In BIND, forwarding can be
configured either selectively, for part of the namespace (by defining a
zone of type "forward" at that point in the namespace), or "globally"
(in the "options" section) in which case it applies to all names that
aren't otherwise authoritative data. Once forwarding is set globally, it
can be overridden by selective forwarding, or even turned off completely
for part of the namespace by specifying "forwarders { };" (semantically,
"forward to no-one"). Another aspect of BIND's forwarding configuration
is its "mode", either "forward first", in which case forwarding is
attempted, and if that fails then iterative resolution is used, or
"forward only", in which case only forwarding is used, and if that fails
then the failure response gets sent back to the requestor.
When "named" is configured to be "forward only", then it acts very much
like a stub resolver (e.g. the resolution mechanism of a typical
end-user PC), the main difference being that it will perform intelligent
caching of answers, whereas most stub resolvers won't.
- Kevin
More information about the bind-users
mailing list