failure with empty hints file on forward first
Kevin Darcy
kcd at daimlerchrysler.com
Fri May 14 22:49:41 UTC 2004
Jeff Stevens wrote:
>does bind require the named.ca (hints) file to be populated if
>forward first is used? it seems to fail for such a case, while forward
>only works...
>
>
The fact that you would ask such a question suggests to me that you
don't fully understand the difference between "forward first" and
"forward only". "Forward first" is opportunistic: it tries the
forwarder(s) and if it gets a timeout, then it goes and queries
iteratively as if no forwarders were defined in the first place. So yes,
it needs a hints file (or to be authoritative for the root zone) just
like any other BIND nameserver needs one. You should only use "forward
first" as a performance optimization, and as a personal recommendation,
I wouldn't use it at all unless you had solid proof that it can actually
increase your performance. Many folks implement forwarding for
performance, and then much later discover that it's actually hurting
performance more than helping.
"Forward only", on the other hand, is "real" forwarding: it makes the
forwarding server *dependent* on its forwarders, with no failover to
iterative resolution. Since the forwarders are assumed to have
information about the root zone, there's no need to define a hints file
(or be authoritative for the root zone). "Forward only" is there to deal
with network connectivity issues, e.g. if you are firewalled from the
Internet and can only resolve through some other nameserver(s).
- Kevin
More information about the bind-users
mailing list