Turning off recusion
Ender Alexander Mujica Díaz
emujica at cantv.net
Fri Oct 20 04:11:54 UTC 2006
Hello,
Here is an interesting explanation about recursion, DNS queries types
and Stub resolver.
If *recursion* is set to 'yes' (the default) the server will always
provide recursive query
<http://www.zytrax.com/books/dns/ch2/index.html#recursive> behaviour if
requested by the client (*resolver*). If set to 'no' the server will
only provide iterative query
<http://www.zytrax.com/books/dns/ch2/index.html#iterative> behaviour. If
the answer to the query already exists in the cache it will be returned
irrespective of the value of this statement. This statement essentially
controls caching behaviour in the server. The allow-recursion
<http://www.zytrax.com/books/dns/ch7/queries.html#allow-recursion>
statement and the view <http://www.zytrax.com/books/dns/ch7/view.html>
clauses provide fine-grained control. This statement may be used in a
view <http://www.zytrax.com/books/dns/ch7/view.html> or a global options
<http://www.zytrax.com/books/dns/ch7/options.html> clause.
Here you can find out the queries types:
http://www.zytrax.com/books/dns/ch2/index.html#queries
See:
DNS Queries types:
1.- Recursive Queries
2.- Iterative (non-recursive) Queries
Resolver:
The generic term *resolver* defines a set of functions supplied as part
of the standard C network/socket libraries (i.e. glibc6 in *nix systems)
or supplied as part of a package (e.g. BIND). These functions are used
by applications to answer questions such as 'what is the IP address of
this host'. The most common method to invoke such resolver services,
used by your browser among many other applications, is to use the POSIX
socket functions 'gethostbyname' (or 'getaddrinfo' for sock2) for name
to IP and 'gethostbyaddr' (replaced by 'getnameinfo' in sock2) for IP to
name.
Resolvers are quite complicated and are defined to be capable of
following *referrals* (they can work with systems that do not support
recursive queries <http://www.zytrax.com/books/dns/ch2/#recursive>.
However almost all resolvers (both Windows and *nix) are *stub*
resolvers. A *stub* resolver is a minimal resolver which will only work
with a DNS that does support *recursive* queries i.e. it cannot follow
referrals <http://www.zytrax.com/books/dns/apa/referrals.html>. Some
newer Windows systems (Windows 2K and XP) provide what is called a
*caching resolver*. This resolver is a *stub* resolver but does maintain
a cache of responses to minimize network access and increase performance.**
http://www.zytrax.com/books/dns/apa/resolver.html
Barry Margolin wrote:
> In article <eh8el4$247j$1 at sf1.isc.org>, churchers at gmail.com wrote:
>
>
>> We have 3 nameservers which are now authorative for about 1000 domain
>> names and have,
>> unfortunately, been historically used as general purpose resolvers.
>>
>> I would like to turn off recusion but if I do, they start reporting any
>> domain name they don't run dns
>> for as being non-existant.
>>
>> --
>> pegasus# ping www.google.com
>> ping: cannot resolve www.google.com: No address associated with name
>> --
>>
>> Shouldn't they be referring the lookup to parent nameservers or am I
>> missing something?
>>
>
> Referring who to the parent nameservers? Clients almost always have
> "stub resolvers", which do not implement iteration by themselves. They
> send queries with the Recursion Desired flag set, and depend on the
> server to perform recursion to look up remote names.
>
>
More information about the bind-users
mailing list