When there are no Root Name Servers
Martin McCormick
martin at dc.cis.okstate.edu
Fri Mar 30 17:02:04 UTC 2001
I was approached recently with the question of how we
might let local domain name service keep running during times
when Internet connectivity is down and no root name servers are
accessible. The suggestion was made to configure the secondary
dns to be its own root zone. My basic response was that this
sounds like a bad idea because during that 99.5% of the time when
everything is working, if a customer of ours happened to hit the
secondary and ask for a lookup outside of us, he or she should
get a failure because that dns would not be able to lookup the
outside domain.
We have experimented with manually configuring our name
servers to be their own root when we were certain of an extended
outage, when one knows for a fact that no traffic is going to make
it off campus or at least on to the INternet due to a known
problem with routers or cables.
Is there a BCP or Best Current Practice that lets our
local lookups keep running through the master even when the roots
have temporarily gone away?
Maybe I am simply overlooking a small change in configuration
that would at least allow the campus to talk to itself and then
smoothly recover full functionality when the roots reappear.
We probably get one of these situations once or twice a
year if that often and they don't last long, but the hit is
magnified by loss of local dns. The phone can really start to
ring.
Martin McCormick
More information about the bind-users
mailing list