forwarding vs named.ca
Jim Popovitch
jimpop at yahoo.com
Tue Jul 12 21:00:49 UTC 2005
--- Joseph S D Yao <jsdy at center.osis.gov> wrote:
> > > >
> > > > Well, I did 15 mins of tests last night....
> > > >
> > > > ~$ tcpdump port domain | egrep -i "> [a-m].root-servers.net" | wc -l
> > > > 18
> > > >
> > > > no forwarders... seems like a few every minute. ;)
> > > >
> > > > -Jim P.
> > >
> > > Out of how many lines? And, had you just started up? ;-)
> >
> > ~$wc -l domain.log
> > 1922
> >
> > And no, it wasn't just started. I am going to email you the log privately.
> >
> > -Jim P.
>
> OK, 18 lines is approximately 9 queries and 9 responses. Besides the
> TLDs that your name server hadn't seen before, or had expired out of
> cache (Spain, Poland, India), I learned something I either had forgotten
> or had never known. The root name servers also serve in-addr.arpa. So,
> any time you look up an IP address with one of the 256 starting octets
> that you haven't seen before, or that has expired out of cache, you get
> to visit your closest root name server again.
It is actually 18 out and 18 in, as my egrep statement above included a ">"
which is unidirectional traffic from tcpdump. But your above explanation
helps to explain their purpose (thank you).
>
> This is still no reason to forward to another name server out there; it
> would just have to make the same query. One reason to forward to a name
> server is if there is much better connectivity between you and it, and
> it and the public Internet, than you have directly to the public
> Internet. E.g., a proxying firewall. Or a server in your office that
> has T3 (45 Mbps) connectivity out while you have 56Kb out (but 100Mbps
> to it). ;-)
Fair enough. Thank you again Joe for helping to educate me on this.
-Jim P.
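
Added example, not part of the original posts: a small Python parser that separates tcpdump DNS lines by direction relative to the root servers (the distinction the `>` in the egrep pattern makes) and groups the outbound queries by the zone the roots were asked about, either a TLD or, as described in the thread, a first-octet in-addr.arpa zone. The sample lines, host names and query IDs are constructed for illustration and only follow tcpdump's general text layout.

```python
import re
from collections import Counter

# Constructed sample lines in tcpdump's text layout (not from the poster's log).
SAMPLE = """\
21:00:01.100 IP ns.example.org.32770 > f.root-servers.net.domain:  4101 A? www.example.es. (32)
21:00:01.180 IP f.root-servers.net.domain > ns.example.org.32770:  4101- 0/7/7 (420)
21:00:09.300 IP ns.example.org.32770 > k.root-servers.net.domain:  4102 PTR? 9.2.0.192.in-addr.arpa. (40)
21:00:09.390 IP k.root-servers.net.domain > ns.example.org.32770:  4102- 0/6/0 (180)
21:00:15.000 IP ns.example.org.32770 > a.gtld-servers.net.domain:  4103 A? www.example.com. (33)
21:00:20.500 IP ns.example.org.32770 > a.root-servers.net.domain:  4104 MX? example.pl. (28)
"""

# src > dst: id[flags] then, for queries only, "TYPE? name."
LINE = re.compile(r"IP (?P<src>\S+) > (?P<dst>\S+): +\d+\S* "
                  r"(?:(?P<qtype>[A-Z0-9]+)\? (?P<qname>\S+))?")
# Dots escaped, unlike the egrep pattern, so "." cannot match any character.
ROOT = re.compile(r"^[a-m]\.root-servers\.net\.domain$", re.I)


def root_zone(qname):
    """Zone a root server had to be asked about to resolve this name."""
    labels = qname.lower().rstrip(".").split(".")
    if len(labels) >= 3 and labels[-2:] == ["in-addr", "arpa"]:
        return labels[-3] + ".in-addr.arpa"   # first octet of the address
    return labels[-1] or "."


def summarize(text):
    """Return (lines to roots, lines from roots, Counter of zones asked)."""
    to_root = from_root = 0
    zones = Counter()
    for line in text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        if ROOT.match(m["dst"]):        # the direction the egrep "> ..." counts
            to_root += 1
            if m["qname"]:
                zones[root_zone(m["qname"])] += 1
        elif ROOT.match(m["src"]):      # replies, never matched by that egrep
            from_root += 1
    return to_root, from_root, zones


if __name__ == "__main__":
    out, back, zones = summarize(SAMPLE)
    print(f"to roots: {out}, from roots: {back}")
    for zone, n in zones.most_common():
        print(f"{n:4d}  {zone}")
```
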