Re: [SLUG] More problems with network cards

From: Ian C. Blenke (icblenke@nks.net)
Date: Tue Jul 17 2001 - 18:41:19 EDT


On Tue, Jul 17, 2001 at 05:59:31PM -0400, R P Herrold wrote:
> On Tue, 17 Jul 2001, Ian C. Blenke wrote:
>
> > domain blenke.com
> > search blenke.com loft.blenke.com
> > nameserver 127.0.0.1
> > nameserver 10.0.0.4
> > nameserver 10.0.0.3
> > nameserver 10.0.0.2
>
> Quick hint -- It rarely (I daresay never) makes sense to wait
> 4 x 30 sec timeouts for nameservice, as this resolv.conf
> example would cause. Certainly no more than ONE at a given
> resource strata. If the Local, and the immediate upstream do
> not know, go to the root server cache.

I'm missing something. The multiple *local* nameservers are for
redundancy, nothing more. If I decide to stop my local named,
I still want resolution to work (albeit with a 30 second timeout, of
course). If the local named is down, AND the 10.0.0.4 named is down,
AND the 10.0.0.3 named is down, AND the 10.0.0.2 named is down, the
resolution is going to die and you will have waited for quite some
time. If all of my internal named instances are dead to the world,
however, it's probably because they can't resolve to the root name
servers due to a dead network connection.

If I look up something that isn't a valid record and the nameservers
are all up, however, only 127.0.0.1 needs to reply with a null
response for the query to stop. The query doesn't continue on to other
nameservers in my resolv.conf list.

If you don't list a nameserver in your resolv.conf, your machine isn't
going to magically query the root nameservers. Only a recursive
nameserver is going to know how to query the root nameservers (that's
why we preload our nameservers with a cache of hints to the static
root nameservers).

If you have internal zone topologies that aren't externally visible,
you point to private nameservers. From the outside www.blenke.com is
something completely different from www.blenke.com from the inside of
my home network.

If you don't have any special zones hosted by your nameservers, it
does make sense to add external recursive nameservers to your resolv.conf
(such as those provided by your upstream provider).

Never add a non-recursive nameserver (like the root nameservers) to
your resolv.conf - they won't do lookups for you, merely point you to
the correct nameserver that might.

- Ian C. Blenke <icblenke@nks.net> <ian@blenke.com>
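
The failover order discussed in this message, as an added example that is not part of the original post: a simplified Python model in which any reply (including a negative one) ends the walk and only a silent server costs a timeout. The state labels, function names and the 30-second figure (taken from the thread) are assumptions; retries and other resolver options are not modelled.

```python
"""Simplified model of stub-resolver failover over resolv.conf nameservers."""

# Constructed input: the resolv.conf quoted in the message above.
RESOLV_CONF = """\
domain blenke.com
search blenke.com loft.blenke.com
nameserver 127.0.0.1
nameserver 10.0.0.4
nameserver 10.0.0.3
nameserver 10.0.0.2
"""

TIMEOUT_S = 30  # assumption: the per-server figure used in the thread


def nameservers(text):
    """Return nameserver addresses in file order, skipping '#' comments."""
    servers = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers


def resolve(servers, state, timeout=TIMEOUT_S):
    """Walk the list once. `state` maps address -> "answer", "nxdomain" or
    "down" (hypothetical labels); an unlisted address counts as down.
    Any reply, including NXDOMAIN, ends the walk; only a silent server
    costs a timeout and moves on to the next entry.
    Returns (server_that_replied_or_None, result, seconds_waited)."""
    waited = 0
    for server in servers:
        outcome = state.get(server, "down")
        if outcome == "down":
            waited += timeout
            continue
        return server, outcome, waited
    return None, "failed", waited


if __name__ == "__main__":
    ns = nameservers(RESOLV_CONF)
    cases = {
        "all up, bogus name": {s: "nxdomain" for s in ns},
        "local named stopped": {**{s: "answer" for s in ns}, "127.0.0.1": "down"},
        "everything down": {},
    }
    for label, state in cases.items():
        print(f"{label:22} -> {resolve(ns, state)}")
```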


