DNS connection refused : round-robin pools

Int william at cam.ctc.cu
Wed Aug 26 21:41:04 UTC 2015


In my case I do not have access to the Internet; I only have access to a national VPN.
How can I disable the zone "."?

// prime the server with knowledge of the root servers
   zone "." {
              type hint;
              file "/etc/bind/db.root";
   };

How can I keep the DNS server from trying to connect to the servers listed in db.root,
so that it does not lose time trying to reach IP addresses that are unreachable or refused from my network?

I regularly check my log and find the following: the DNS server trying to reach sites on the Internet.

For my network to function correctly, I need my DNS to publish
the IP addresses of my local servers in the DMZ,
and, toward the outside, to resolve only .cu sites,
which the DNS server should resolve by forwarding to other DNS servers authorized in our national VPN.

# tail -1000 /var/log/syslog |grep named

Aug 26 21:17:26 ns2 named[1093]: error (connection refused) resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 192.58.128.30#53
Aug 26 21:17:26 ns2 named[1093]: error (connection refused) resolving 'D.ROOT-SERVERS.NET/AAAA/IN': 128.8.10.90#53
Aug 26 21:17:26 ns2 named[1093]: error (connection refused) resolving 'C.ROOT-SERVERS.NET/AAAA/IN': 192.228.79.201#53
Aug 26 21:17:26 ns2 named[1093]: error (connection refused) resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 192.228.79.201#53
Aug 26 21:17:26 ns2 named[1093]: error (connection refused) resolving 'E.ROOT-SERVERS.NET/AAAA/IN': 192.112.36.4#53

Tell me if you have any suggestions for my case.

Greetings from Cuba
  William

-----------------------------------
I run bind 9.10.2-P3.

I have three classes of forwarders that I'd like to use:

(1) my own, hosted forwarder.  fast & private, but not redundant infrastructure
(2) private/encrypted hosted forwarders.  slow, private, and redundant infrastructure.
(3) reliable ISP & public forwarders. fast, redundant, privacy-challenged (Google, OpenDNS, AT&T, etc).

Reading the ARM & chatting in #irc, IIUC 'forwarders' are NOT queried in the order listed, and there's no option to set priority, failover, round-robin, etc.

I'm requesting such a feature.

For example,

Forwarders would be queried in order of priority, and pools of multiple forwarders would be round-robin weighted within a given priority level.

So in conf, we could have

        forward only;
        forwarders { 11.11.11.11 port 11111 prio 1; 22.22.22.1 port 53 prio 2; 22.22.22.2 port 53 prio 2; 8.8.8.8 prio 3; 8.8.4.4 prio 3; };

Thanks!
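
Added example (not part of either message): a small Python parser for the `named` resolver error lines shown in the syslog excerpt of the first message. It summarises which upstream addresses the server tried to reach and how many of those attempts were root-server lookups. The function names are hypothetical, and the sample reuses two lines from the excerpt plus two constructed lines.

```python
import re
from collections import Counter

# Two lines from the excerpt above plus two constructed lines (one named
# error with a different reason, one unrelated syslog entry).
SAMPLE_LOG = """\
Aug 26 21:17:26 ns2 named[1093]: error (connection refused) resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 192.58.128.30#53
Aug 26 21:17:26 ns2 named[1093]: error (connection refused) resolving 'D.ROOT-SERVERS.NET/AAAA/IN': 128.8.10.90#53
Aug 26 21:17:27 ns2 named[1093]: error (network unreachable) resolving 'www.example.com/A/IN': 198.51.100.7#53
Aug 26 21:17:28 ns2 sshd[2210]: Accepted publickey for admin from 10.0.0.5 port 50022 ssh2
"""

# error (<reason>) resolving '<qname>/<qtype>/<qclass>': <server>#<port>
LINE_RE = re.compile(
    r"named\[\d+\]: error \((?P<reason>[^)]+)\) resolving "
    r"'(?P<qname>[^/']+)/(?P<qtype>[^/']+)/(?P<qclass>[^/']+)': "
    r"(?P<server>[^#\s]+)#(?P<port>\d+)"
)

def parse_named_errors(text):
    """Return one dict per named resolver error line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        match = LINE_RE.search(line)
        if match:
            events.append(match.groupdict())
    return events

def summarize(events):
    """Count failures by reason, list upstreams contacted, count root lookups."""
    by_reason = Counter(e["reason"] for e in events)
    upstreams = sorted({e["server"] for e in events})
    root_lookups = sum(
        1 for e in events
        if e["qname"].rstrip(".").upper().endswith(".ROOT-SERVERS.NET")
    )
    return {"by_reason": by_reason, "upstreams": upstreams,
            "root_lookups": root_lookups}

if __name__ == "__main__":
    report = summarize(parse_named_errors(SAMPLE_LOG))
    for reason, count in report["by_reason"].items():
        print(f"{count:4d}  {reason}")
    print("upstreams tried:", ", ".join(report["upstreams"]))
    print("root-server lookups:", report["root_lookups"])
```
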