DNS Query Behavior with Global Forwarders Statement
Kevin Darcy
kcd at chrysler.com
Wed Aug 13 02:46:37 UTC 2008
Merton Campbell Crockett wrote:
> My corporate network consists of roughly 100 different sites located
> throughout North America. At each site there is a Network Management
> System (NMS) running ISC BIND and DHCP. Each NMS is the master name
> server for the forward and reverse DNS zones assigned to the site.
>
> No NMS has direct access to the Internet and forwards all DNS queries
> to a regional name server that has access to the Internet. The
> forwarders are defined as follows.
>
> options {
> ...
> forward only;
> forwarders { 10.73.2.6; 10.10.2.6; 10.35.2.6; };
> ...
> };
>
> The order in which the forwarders changes depending upon the region in
> which the site is located.
>
> I was asked to look at a problem involving name resolution at several
> sites. I had expected to see all DNS queries being forwarded to the
> "closest" regional name server. What I found using tcpdump was that
> all name servers in the list were being used in a round-robin fashion,
> i.e. I would see a group of queries sent to the first name server, the
> second name server was used for the next group, the third was used for
> the next group before the cycle restarted.
>
> Is this an artifact of the -P2 changes or was the use of RTT dropped
> for some other reason?
>
>
My understanding is that the RTT-based forwarder selection is "banded",
so that if a bunch of forwarders' RTTs all fall within the same "band"
they'll be used either randomly, or in a strict round-robin fashion.
Is the latency of the network in question sufficiently high that a
"close" regional forwarder might end up being "banded" with forwarders
that are physically much further away?
I would further speculate that the "clumping" you're seeing (a bunch of
queries to one forwarder, followed by a bunch of queries to the next
forwarder in the list, etc.), might be the result of multiple worker
threads following the same round-robin sequence. But that's pure
speculation on my part; I haven't looked at the code to confirm this.
For all I know, you're running on uniprocessor boxes, or didn't even
compile with threads enabled...
- Kevin
More information about the bind-users
mailing list