Users Want *Seamless* Solutions, Not Patchwork (was Re: Users want solutions, not buzzwords)

[D. J. Bernstein]

Kevin Darcy writes:
> First, you could define the forwarding mode as "forward first"

No! That's a reliability disaster for internal domains. If there's a
temporary problem reaching the internal server---if, for example, its
network connection is briefly overloaded---then you will fall back to
external servers. Those external servers will tell you that the domain
doesn't exist. Your mail deliveries will bounce, instead of being
retried properly.

> The other way to deal with this is to define the zone as "type
> stub" instead of "type forward".

I haven't seen any documentation on stubs. It appears, from the code,
that you can't use stubs to directly configure forwarding targets; the
targets are specified by NS records. Furthermore, BIND seems to blindly
cache incorrect data within the internal domain from external servers.

> Your documentation only states that dnscache supports recursive fowarding
> *globally*. BIND also supports it *selectively*

My documentation explains the selection mechanism, and it then explains
the recursion mechanism. I do not assume that readers are idiots.

---Dan