Root Servers and Forwaders ?

[Michael Voight]

Rahul Parasnis wrote:
> 
> Hello
> I am asking a very basic question Here?
> In the Example described on Page 28 DNS and BIND 3rd Edition
> 
> Resolver query for giri.gbrmpa.goc.au
> The query first goes to  "." then to "au." then "gov.au" and then to
> "gbrmpa.gov.au".
> 
> First Question : How does that First query goes to "." ?

When the DNS server starts,  a server is chosen at random from the root
hints. (file described on the line with "cache ." 
This server then updates your DNS server with the current NS and glue
records for the root servers.

> What if I have specified "Forwarders" in my named.conf file ?

If you do not have the record queried for, then the query will go to the
forwarder. This is described quite well in DNS & BIND. 
If the forwarder is unresponsive then your server will make the query to
the internet. If slave mode (options forward only) is configured, then
your machine will not go to the internet.

> 
> How does the query work , if it is given from the host
>      piripiri.finance.gen.au   where gen.au and gov.au are same level zones

On your first query for a remote host in the .au domain, then the query
will go to the root server who will return the NS record for the .au
domain. Your server (or forwarder) will query the .au server and so on
down the list. The next time you need to look for something in .au or
one of the already cached (NS record) domains, you will go to the lowest
level server that meets the request.  Again, read DNS & BIND for
detailed info.

> 
> Second Question : What should  gbrmpa.gov.au or gov.au server have in the
> db.cache file ?
> Should these servers also have the file downloaded from ftp.rs.internic.net ?

YES.. If you can reach the internet from this machine.

> How does these root Serers work for the subdomains like gbrmpa.gov.au ?
>
> Simmilarly on Page 31 ,
> 
> 1.Nameserver A receives query from the resolver
> 2. A queries B ( How this works ? Which line in the Named.conf does this?
> does "forwarders" is doing this function ? )

Sorry, I don't have the book handy, I  seem to have lost the need to
read it anymore, so I don't know what page 31 says. 

1. The resolver is the DNS client application. It goes to server A based
on its configuration of nameserver. In Windows, this is done in the
network control panel screen. In UNIX, it is in /etc/resolv.conf. If
resolv.conf exists on a server and there is no nameserver directive, the
local machine is considered to be the nameserver.

2. I don't know what B is.

B could be

1. a forwarder
2. another nameserver (root server or any subdomain.

The DNS client normally makes a request to the DNS server, then makes
the DNS server do all of the work. 

The DNS server will generally query other nameservers. If the reply is
an NS record instead of the record searched for, then the DNS server
will query the server listed in the NS record. The nameserver might also
reply with the answer or with another nameserver.

> 
> I am really confused about the concepts of "forwarders" and "root Server"
> functions.
> How does they work for subdomains like  finance.gen.au and gbrmpa.gov.au ?

A root server is queried when you don't already have a nameserver record
cached for the upper domains (like .au)

A forwarder is a server that is queried by your nameserver so it doesn't
have to query the internet servers, due to firewall issues, or the need
to have a larger caching machine. The forwarder, if used by multiple
nameservers could build a large cache of information and reduce traffic
to the internet since it has the answers.

Michael Voight
CSE, Cisco TAC
(supporting CDDM, CNR, DD, LD, CacheEngine, MWEB)