behavior of recursive lookup

Kevin Darcy kcd at daimlerchrysler.com
Wed May 1 00:20:18 UTC 2002 


John Fox wrote:

> Hi, All,
>
> >From an email sent to me by my boss:
>
>  | it is my understanding (though I am not completely
>  | confident) that a recursive lookup will check local zones
>  | first, and then be forwarded to the forwarders; setting
>  | "no-recursive" would cause it to return nameservers to
>  | ask in the event that the zone is not local.
>
> Is he correct?  Will a recursive lookup check local zones
> first and forwarder(s) second?

That's basically correct, but with the caveat that if the queried name is in a
zone for which the nameserver is authoritative (i.e. is the primary master or is
a slave), then it will never ask other nameservers about the name, since it
assumes that it knows *everything* about the zone.

> Further, will the nameserver's cache be treated as a local
> zone?

Technically, no. It's in a special category. But the effect is the same,
inasmuch as the nameserver won't ask other nameservers about the name if it
already has the answer in its cache. That's the whole point of caching -- to
reduce resource consumption and query latency by answering from locally-held
(albeit temporary) information.

> Ideally, we'd like to set up name server A as a caching-only
> server, and have name servers B and C set to use A as a
> forwarder.

Why? Do B and/or C lack connectivity? They should be able to resolve names
themselves without having to rely on A to do the grunt work for them. Bear in
mind that you're adding an extra "hop" to your resolution process by making B
and C go through A to resolve names. My preference is always to make nameservers
as autonomous as possible. This makes your nameservice infrastructure more
robust: if one server dies, then all of the others chug along without any
problems or performance penalties. Moreover, I've never yet personally run into
a situation where forwarding actually helped performance. Usually it seems to
cause more problems than it solves.

If you opt for a forwarding solution, however, then be sure to enable recursion
on the forwarder.


- Kevin

More information about the bind-users mailing list