Dial on demand and dns

Mark_Andrews at iengines.com Mark_Andrews at iengines.com
Thu Oct 28 06:07:07 UTC 1999 

> Hi,
> My network is connected to the internet through a Linux box that runs a
> BIND nameserver,
> version 8.1.2.
> I have an ISDN dial on demand connection to my ISP.  The connection uses
> PAP.
> 
> A few days ago I discovered a problem with this setup:
> 
> If the nameserver needs to contact e.g. a root name server to answer a
> query and the authentication
> fails, the following problem arises:
> My nameserver attempts to contact the first root nameserver. This fails
> because the authentication fails, so my nameserver tries the next
> rootnameserver and so on. After a while (5s, 10s, 20s, 40s) the resolver
> will ask the nameserver again and the scenario is repeated. Many querys
> to the nameserver will cause a constant dial up to my ISP which can be
> very expensive.
> 
> The name server will not detect my ISDN adapter as non working since it
> is actually working.
> How can this problem be solved?
> I suspect this is really an operating system issue, but I imagine that
> this problem might be of interest to some of you people reading this
> list as well.
> 
> Thanks
> Erik Andersen
> 
> 
> 

	This is really a PPP problem.  PPP should be able to flag
	a link as dead (or not, for debugging) if there is a
	authentication problem.

	This is not a DNS issue, you just see it as a DNS issue as
	the first step in making a connection is finding out the
	address to connect to so it ends up being a DNS query that
	is logged as bringing up the line.

	There are DNS issues with dial on demand lines and later
	versions of BIND have controls to deal with some of those
	issues.  Most of these deal with zone transfers over the
	line and making efficient use of the times the DNS needs
	to bring a line up for zone maintenance.

	The only other times named initiates queries of its own is
	at start time to prime the cache and the periodic re-priming.
	We should be able to address these later issues with the
	design changes in BIND 9 by making these queries on demand.

	Mark
--
Mark Andrews, Internet Engines Inc. / Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at iengines.com

More information about the bind-users mailing list