forwarders question

Michael Monnerie michael.monnerie at is.it-management.at
Mon Aug 10 19:10:15 UTC 2009


We are having 2 sites at different locations now with a DNS resolver on 
each site. Internet speed between those two different ISPs is very fast, 
and the hosts to resolve will be about the same because of similar 
services.

My idea is to use 
forward X; 
on site Y and 
forward Y;
on site X, but, as I couldn't find it in the documents, I believe this 
could lead to a resolver loop between X and Y and therefore even slower 
resolution. Or is BIND clever enough to only ask the other server once?

My tests seem to indicate it's working well, but maybe someone knows of 
any issues?

There are 2 reasons for this:
1) performance. Having the caches hot on both sides and with a high 
chance one caches knows entries the other can use, it should be quick.
2) reliability. Asking only internal servers which I can control is more 
secure than using any ISPs DNS. They start to do the DNS mangling here 
in Austria also (instead NXDOMAIN they deliver their web sites A record 
to point to their search engine).

mfg zmi
-- 
// Michael Monnerie, Ing.BSc    -----      http://it-management.at
// Tel: 0660 / 415 65 31                      .network.your.ideas.
// PGP Key:         "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38  500E CE14 91F7 1C12 09B4
// Keyserver: wwwkeys.eu.pgp.net                  Key-ID: 1C1209B4


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090810/db258f2a/attachment.bin>


More information about the bind-users mailing list