What should "/etc/resolv.conf" look like?
Simon Waters
Simon at wretched.demon.co.uk
Mon Jan 27 11:20:30 UTC 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Kamran Remin wrote:
>>You only list one name server in resolv.conf, best practice
>>suggests you list more than one DNS server here, in case the
>>server at 127.0.0.1 is not running.
>
>
> So, my /etc/resolv.conf should also include the ip-address of
my secondary
> DNS?
IF THE DNS SERVER ALSO REQUIRES TO USE THE DNS AS A CLIENT.....
(note the "if" - no really think about why I say "if")
resolv.conf should list two or more name servers that provide
recursive resolution. This might be your secondary server
(although ideally it wouldn't be as we like to keep
authoritative and recursive servers seperate), but might well be
any other name server providing recursion.
Please try to understand the distinction between;
1) client - a machine looking up something in the DNS
2) rescursive server (or cache) - a machine doing the complex
part of the lookup for it's clients.
3) authoritative server - your primary and secondary servers,
which know the "truth" about a zone (say example.com).
BIND does (2) and (3) by default, but can be configured to
provide only one or the other.
DNS clients must list two or more recursive servers in
resolv.conf, in case one server stops serving.
> And i shouldn't enter the search lines? But the search line
wouldn'i hurt,
> oder would it?
The search line is entirely down to what boxes this client would
like to contact using short names. The fact it is also a DNS
server is largely irrelevant to the content of resolv.conf.
This is entirely dependent on what else the box is doing, if it
is just a DNS server it may not need a resolv.conf at all, since
you always design DNS servers to carry on working without the DNS.
If the box regularly contacts machines in domain "example.com"
it may be convenient to refer to those boxes by a shortened
name, then "example.com" goes on the search line.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE+NRX8GFXfHI9FVgYRAvlwAJ9FQPlApT0SPGQmf+WHoNVJqPyCWQCcDZKx
XgiRMDipKwAvgJg049olWYk=
=g5ec
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list