Forward vs Authoritative traffic
Nex6|Bill
n6ghost at yahoo.com
Fri Nov 7 21:31:40 UTC 2014
zone is hosted on a load balancer, with parent org NS on internet side. when internet goes down, application goes down. putting a forward zone means internet downtime does not cause issues.
On Nov 7, 2014, at 12:56 PM, Darcy Kevin (FCA) <kevin.darcy at fcagroup.com> wrote:
> If your nameserver can get the info equally reliably either way, I'd question why you're using forwarding in the first place.
>
> Do you think you're going to get some sort of performance benefit from that?
>
> But, to answer your question, in the absence of taking a packet capture, you could always define all the authoritative nameservers as "blackhole" or "bogus" in your named.conf and see if the names still resolve (this assumes that the forwarders are *not* the same, or a subset, of the auth servers. If they are the same, or a subset, then I *really* would question why you're forwarding in the first place, since in that case the queries are going to *exactly*the*same*place*, and all you're basically doing is manipulating the value of the "RD" bit).
>
> - Kevin
>
> -----Original Message-----
> From: bind-users-bounces at lists.isc.org [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Nex6|Bill
> Sent: Friday, November 07, 2014 3:05 PM
> To: Barry Margolin
> Cc: comp-protocols-dns-bind at isc.org
> Subject: Re: Forward vs Authoritative traffic
>
> My name server is not authoritative for it. but i want to verify once the forward is in place the query is following the forward and not the authoritative path.
>
>
> On Nov 7, 2014, at 11:46 AM, Barry Margolin <barmar at alum.mit.edu> wrote:
>
>> In article <mailman.1182.1415388915.26362.bind-users at lists.isc.org>,
>> Nex6|Bill <n6ghost at yahoo.com> wrote:
>>
>>> I am going to be adding a type forward zone for an important zone.
>>> how can i test that the forward is working correctly? if i do a dig
>>> against the NS the record will return no matter if its auth or fwd zone.
>>
>> If you don't have a zone file for the zone on the server, yet it
>> returns the correct answer, then it must be forwarding. Where else
>> would it get the answer?
>>
>> --
>> Barry Margolin
>> Arlington, MA
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20141107/4411934c/attachment.bin>
More information about the bind-users
mailing list