<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">Not a good solution. Even under
"normal" circumstances, there will be temporary bottlenecks,
dropped packets, etc.. that will trigger failover and users will
get different answers at different times. Not good for support,
maintainability, user experience/satisfaction, etc.<br>
<br>
If all you want is resilience, and you own/control the domain in
question, why not just slave it ("stealth" slave, i.e. you don't
need to publish it in the NS records)?<br>
<br>
If you *don't* own/control the domain in question, what business
do you have standing up a "fake" version of it in your own
infrastructure? Not a best practice.<br>
<br>
- Kevin<br>
On 2/19/2014 4:51 AM, houguanghua wrote:<br>
</div>
<blockquote cite="mid:BAY173-W1088F5E4F697E745351564BB9B0@phx.gbl"
type="cite">
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:微软雅黑
}
--></style>
<div dir="ltr">Steven,<br>
<br>
Your solution is very good. It can forward the queries to
the specified name servers first.<br>
<br>
But if the specified name server is enabled only when normal dns
query process is down. How to configure the local DNS server?
The detailed scenario is descibed in below figure:<br>
<br>
<br>
--------------<br>
| Root
| <br>
| nameServer |<br>
/ -------------<br>
②/ <br>
/<br>
----------
------------ -------------<br>
| Client | __①____\ | Local | ___③_____\ |
Authority | <br>
| Resolver | / | DNS Server | X / |
DNS Server |<br>
----------
------------ -------------<br>
\ <br>
\④<br>
\<br>
\ ------------<br>
| Hidden |<br>
| DNS Server |<br>
------------<br>
Normally,<br>
1) A internet user wants to access <a moz-do-not-send="true"
href="http://www.abc.com">www.abc.com</a>, a DNS request is
sent to local DNS server<br>
2) Local DNS server queries the root name server, the .com
name server to get the Authority Name Server of abc.com <br>
3) local DNS server queries the Authority name server, and gets
the IP<br>
<br>
But when the Authority name server is down, the internet user
won't get the IP address. My solution is as follows:<br>
a) A hidden name server with low performance is deployed.
When authority name server can't be accessed, local dns server
will access the hidden server.<br>
b)The hidden server is never used in normal situation. It
act as a cold backup for authority name server.<br>
c) The zone file in the hidden server is the same as that
configuration in the authority name server <br>
d) The hidden name server doesn't appear in the NS records
of authority name server <br>
<br>
Btw, all above doesn't consider the cache in the local dns
server.<br>
<br>
<br>
Best Regards,<br>
Guanghua<br>
<br>
<br>
<div>> Date: Mon, 17 Feb 2014 09:09:13 +0000<br>
> Subject: Re: how to modify the cache<br>
> From: <a class="moz-txt-link-abbreviated" href="mailto:sjcarr@gmail.com">sjcarr@gmail.com</a><br>
> To: <a class="moz-txt-link-abbreviated" href="mailto:houguanghua@hotmail.com">houguanghua@hotmail.com</a><br>
> CC: <a class="moz-txt-link-abbreviated" href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a><br>
> <br>
> On 17 February 2014 01:17, houguanghua
<a class="moz-txt-link-rfc2396E" href="mailto:houguanghua@hotmail.com"><houguanghua@hotmail.com></a> wrote:<br>
> > I want to override the IP address of NS, for I want
to use other authority<br>
> > DNS which isn't registered.<br>
> <br>
> For that you use forwarding. Create a zone statement for
the zone in<br>
> question and forward the queries to a different name
server. You don't<br>
> need to mess with the cache.<br>
> <br>
>
<a class="moz-txt-link-freetext" href="https://mknowles.com.au/wordpress/2009/07/20/bind-forwarding-zone/">https://mknowles.com.au/wordpress/2009/07/20/bind-forwarding-zone/</a><br>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Please visit <a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list
bind-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a>
<a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a></pre>
</blockquote>
<br>
</body>
</html>