how to debug "no more recursive clients"

Kevin Darcy kcd at daimlerchrysler.com
Thu Feb 9 22:22:02 UTC 2006


Len Conrad wrote:

>>>We have "forwarding DNS" setup, where all the internal DNS "forward
>>>first" to our recursive-only rns1 and rns2 (recursive ns).
>>
>>Why would you do that?
>
>So all our forwarding DNSs benefit from the consolidated, system-wide 
>caches on rns1/2.  At 30 createfetches/second from rns1, our DNS 
>traffic is pretty high.
>
I'd just like to point out -- mostly for anyone reading this thread in 
the archives -- that this "forward first" configuration is (apparently) 
the result of an *informed* choice, based on real-world data and 
measurements. Too many folks seem to configure forwarding just because 
they copied someone else's config (i.e. forwarding configuration in its 
viral form) or because it just seems "natural" to them to rely on their 
ISP's DNS infrastructure along with all of the other ISP infrastructure 
they rely upon. I.e. they don't really *understand* what forwarding is, 
perhaps confusing the (necessary) hierarchical structure of the DNS 
*namespace* with a (not necessary at all, and usually ill-advised) 
hierarchy of *resolution*, they just put it in place and then are 
clueless when something goes wrong with it. But in Len's case, it looks 
like it might be the best way to go, on purely technical merits. That's 
definitely the exception, rather than the rule, however, and that's why 
we tend to get down on forwarding around here...

- Kevin



