Questions on BIND, caching nameserver and firewall
Steve Snyder
swsnyder at home.com
Wed Jun 2 15:04:43 UTC 1999
I am seeking information on tweaking the responsiveness of my Internet
connection across a firewall.
My LAN's server uses a caching nameserver (BIND v8.1.2) and a firewall
(ipchains 1.3.8) for Internet access. This is running on a RH v5.2 box,
upgraded to kernel v2.2.x and glibc v2.1.1. Internet access is via a cable
modem.
The server's resolv.conf contains the primary and secondary namesservers of
my ISP:
nameserver 127.0.0.1
nameserver 24.4.162.33
nameserver 24.4.162.34
This setup is working for me, so I don't want to break it by blundering
around. Thus my questions:
1. The named.conf (as shipped by RedHat) contains a comment that users
behind a firewall might want to uncomment the line:
// query-source address * port 53;
What does this actually do and would I, being behind a firewall, actually
benefit from this directive given my current configuration?
2. Forwarding. I'm not very clear on how this makes for more efficient
name resolution. I've perused the BIND mailing list archive and therefore
have enough knowledge to be dangerous. Is it adviseable to add my 2 ISP
nameserver addresses in an "option forwarder" statement in named.conf?
Any info on these topics would be appreciated. Thank you.
***** Steve Snyder *****
More information about the bind-users
mailing list