How to setup a backup NameServer?

houguanghua houguanghua at hotmail.com
Tue May 6 05:37:41 UTC 2014 

kevin,
 
It sounds not a bad idea. Thanks a lot.
 
Backup server's delay can be added by manually. Thus in normal situation, the 'backup' server is seldom visited.
 
Thanks all of you.
 
Guanghua

> Date: Sun, 04 May 2014 14:06:23 -0400
> From: Kevin Darcy <kcd at chrysler.com>
> To: bind-users at lists.isc.org
> Subject: Re: How to setup a backup NameServer?
> Message-ID: <5366819F.7030302 at chrysler.com>
> Content-Type: text/plain; charset="iso-8859-1"; Format="flowed"
> 
> Forwarder selection has been based on RTTs for quite a while now. So, if 
> what you're trying to protect against is your "primary" forwarders being 
> DoS'ed, why not just define your "primary" and "backup" forwarders in 
> the same forwarder list? Due to RTT calculations, the "backup" 
> forwarders would normally not be used (much), if they're slower, but in 
> the DoS scenario, the queries would automatically fail over.
> 
> If your "backup" forwarders are *not* significantly slower than your 
> "primary" ones, then *all*the*more*reason* for them to be in the 
> forwarder list, in order to provide ongoing DoS protection. (Unless 
> they're more expensive to use, perhaps? In that case, you might want 
> into some sort of rate-limiting-based and/or load-balancer-based solution).
> 
>                              - Kevin
> 
> On 5/3/2014 9:15 PM, houguanghua wrote:
> > Dave,
> >
> > sorry for the delay reply.
> >
> > These zones are not owned by ISP, such as: yahoo.com, facebook.com...
> > If such backup dns server is ready, ISP will talk to these WEB sites 
> > to keep synchronization with their authority NSs.
> > It's maybe a huge project.
> >
> > Thanks,
> > Guanghua hou
> >
> >
> > >
> > > Message: 1
> > > Date: Tue, 29 Apr 2014 22:08:22 -0700
> > > From: Dave Warren <davew at hireahit.com>
> > > To: bind-users at lists.isc.org
> > > Subject: Re: How to setup a backup NameServer?
> > > Message-ID: <53608546.4050007 at hireahit.com>
> > > Content-Type: text/plain; charset="iso-8859-1"; Format="flowed"
> > >
> > > On 2014-04-29 18:50, houguanghua wrote:
> > > > A lot of zones will be supported. All popular zones in the ISP.
> > > > Maybe the best solution is to hire some custom programming to develop
> > > > private system.
> > >
> > > How will you obtain copies of "all popular zones"? Are you just talking
> > > about zones you host, or things like Google?
> > >
> > > --
> > > Dave Warren


 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140506/b62862f9/attachment.html>

More information about the bind-users mailing list