Moving from "type forward" to "type static-stub"

Oscar Ricardo Silva osilva at scuff.cc.utexas.edu
Fri Sep 21 00:49:08 UTC 2012


I have several recursive, caching BIND servers that were running the 
Redhat package of BIND.  Our servers started crashing because of a bug 
(previously identified AND fixed by ISC) so we've decided to ditch that 
version and run from source, 9.9.1-P3.  (I'm still not sure why redhat 
decided to use the rc1 version of source on which to build their rpm ... 
seriously ... the bug that hit us was fixed in rc2 AND the final release)


The current servers are configured to forward any queries for our domain 
straight to our authoritative servers:

zone "utexas.org" IN {
	type forward;
	forwarders {
		128.83.185.39;
		129.116.136.5;
	};
};




I've been reading about the new zone type:  static-stub  and believe 
this may work better for us.

zone "utexas.org" IN {
	type static-stub;
	server-addresses {
		128.83.185.39;
		129.116.136.5;
	};
};



If I'm correct, it will send non-recursive queries to the listed servers 
and will honor delegations. I've tested this configuration in our lab 
and it all appears to be working.

With our configuration, are there any downsides to changing from forward 
zones to static-stub?  Any gotchas I should know about?  At this time we 
don't have dnssec validation turned on.  We tried it and had too many 
problems with misconfigured domains not resolving properly so backed out.



Oscar



More information about the bind-users mailing list