Local Lookups Fail When the Net is down.

Mark Andrews marka at isc.org
Thu Dec 20 20:27:39 UTC 2012


In message <201212202013.qBKKDKsi002407 at x.it.okstate.edu>, Martin McCormick writes:
> 	We are using BIND 9.7.7 with recursion. Our boarder
> router temporarily failed completely isolating our campus from
> the rest of the internet.
> 
> 	During that time, it was impossible to do local lookups.
> We were showing 997 out of 1000 recursive clients which is no
> surprise but the loss of local resolution effected our telephone
> system which is migrating over to VOIP + any other lookups a
> client might do that at least in theory should still work
> because they are making queries for hosts in our master zones.
> 
> 	I have been here for a bit over 20 years and we have
> lost all connectivity only a very few times, but I had actually
> begun to think that newer versions of bind would still provide
> local resolution. The systems running the master and slave DNS's
> continued to run as they have plenty of resources, but there was
> no local resolution.
> 
> 	Is there anything short of internal and external-facing
> DNS's that we can do to be sure that local resolution stays up?

You need to look at search lists and make sure there are no external
dependancies.

If you have partially qualified names being used you may be depending
apon a NXDOMAIN from the root.  A local copy of the root zone will
help here.

If you do recursion internally you will need to increase the number
of recursive clients.

If you are validating you will want to distribute trust anchors
for internal namespace.

If you are using DLV you will want a internal copy of the dlv zone.
 
> Thank you very much.
> 
> Martin McCormick Stillwater, OK 
> Systems Engineer
> OSU Information Technology Department Telecommunications Services Group
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the bind-users mailing list