Question about forwarders...
Kevin Darcy
kcd at daimlerchrysler.com
Tue Sep 19 21:10:29 UTC 2000
BIND 8.2.3 supposedly addresses this problem by choosing forwarders
adaptively, based on RTT, similar to the way nameservers are chosen with
iterative querying. See CHANGES #997. I assume BIND 9 also implements this...
- Kevin
Brian Thomas wrote:
> Standard disclaimer: If this topic has been covered recently, I apologize.
>
> In testing the configurationg of forwarding-only servers, my experience is
> that when a lookup is done, the first server in the list of forwarders
> is always chosen -- It does not round-robin or randomly choose a server to
> try.
>
> While this isn't critical, it does cause problems. For example, if the
> first forwarder in the list is unavailable, only then will lookups use the
> next one. Meaning I now have a spankin' new cache on that second
> forwarder, requiring every single name be recursively looked up since
> it's bereft of entries. Second, I can't load-balance the requests across
> multiple forwarders, I'm always going to have one that gets more and
> more pegged and memory-starved as it's cache grows.
>
> For the record, the situation is I have is a large farm of MTA's
> delivering mail to many recipients. I want to run a caching-only
> server on each of those MTA's for speedy lookups, and have two (Or more)
> dedicated servers to act as forwarders for outbound lookups. That should
> limit the Internet traffic (Since the caching servers will never talk
> over the 'net link), and insure the dedicated forwarders have large
> caches for multiple lookups on the same domain.
>
> No, this isn't for spamming. :)
>
> Here's a test named.conf I was using:
>
> acl internals { 192.168.0.0/24; 127.0.0.0/24; };
>
> options {
> forward only;
> forwarders { 192.168.0.5; 192.168.0.25; };
> allow-transfer { internals; };
> allow-query { internals; };
> allow-recursion { internals; };
> };
>
> Snoops of lookups through this server demonstrate shows traffic only
> between the caching server and 192.168.0.5. The .25 nameserver is not
> quieried unless the .5 server is not responding.
>
> Brian
More information about the bind-users
mailing list