Dynamic update forwarding is preventing name resolution if the master is unreachable
loudsong at gmail.com
Wed Apr 29 17:37:44 UTC 2009
I ran into an interesting issue with the "allow-update-forwarding" statement
on BIND 9.4.2-P1 which I haven't seen addressed in the BIND books I’ve
looked at or the websites I've come across. Here's what I'm seeing:
If a dynamic update is received by the slave and "allow-update-forwarding"
is turned on, it forwards the update over TCP to the master. However, if the
master is unreachable, the slave will keep trying to connect until that
connection times out. All the while, named will not answer any other queries
(iterative or recursive) while it is attempting to forward the dynamic
update along to the master. The outstanding queries seem to queue up, and
will not be answered until the attempt to forward the dynamic update times
Overall, if the master nameserver disappears, the remaining slave server
seems to stumble over a single dynamic update that it is now unable to
forward, causing all name resolution to cease.
I admit that I'm quite new to DNS administration, and much of my BIND
experience is limited to non-production environments. I'd be grateful if
someone could either confirm the behavior, or point out what I'm doing
wrong. I'd be happy to provide the data I've gathered on this should it be
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users