A question with forwarder and listen-on
Kevin Darcy
kcd at chrysler.com
Tue Feb 23 23:24:31 UTC 2010
On 2/19/2010 11:51 PM, Kevin Oberman wrote:
>> Date: Fri, 19 Feb 2010 20:30:27 -0800 (PST)
>> From: gmspro<gmspro at yahoo.com>
>> Sender: bind-users-bounces+oberman=es.net at lists.isc.org
>>
>> > From /etc/bind/named.conf
>>
>> forwarders {
>> 212.27.53.252;
>> 212.27.54.252;
>> };
>>
> Queries will be forwarded to these to name servers rather than be
> resolved locally. Commonly used on internal servers to handle queries
> for external information.
>
>
At the risk of nitpicking...
s/ rather than /, or, if the forwarders are unavailable, / (depending on
the forwarding mode setting, "forward first" versus "forward only").
"Forward only" is for limited-connectivity situations (e.g. behind an
Internet firewall), where you can't reach the relevant nameservers
through the regular iterative-resolution process and have to essentially
assume the role of a stub resolver -- albeit one with a caching -- and
rely on upstream resolvers to resolve the query for you.
"Forward first" assumes you can reach nameservers through iterative
resolution, if necessary, but you prefer, presumably as an optimization,
to try some forwarders first (hopefully they return an answer faster
than fetching it yourself).
Forwarding is inherently inefficient and introduces more potential
points of failure, so it is usually seen in the "forward only" mode,
where there is no other choice to get around a connectivity restriction.
"Forward first" for optimization rarely delivers the hoped-for
performance benefit, although it does find a niche occasionally.
- Kevin
More information about the bind-users
mailing list