Chained Forwarding: Best Practice?
Barry Margolin
barmar at alum.mit.edu
Wed May 3 23:47:18 UTC 2006
In article <e3bb7u$fra$1 at sf1.isc.org>, Lloyd Gieg <idm at gieg.net> wrote:
> Hi all -
>
> I have a requirement to set up selective forwarding to a partner's
> internal DNS, but the connection shouldn't come directly from my
> internal caching server. The proposed solution is this:
>
> 1. Internal host queries internal caching server (recursive)
> 2. Internal caching server selectively forwards "partner.com" to DNS
> server on DMZ. (recursive)
> 3. DMZ DNS server selectively forwards "partner.com" to partner's DNS
> server. (recursive)
> 4. Partner's DNS resolves. (iterative)
>
> I think this will technically work, but I'm worried a bit about the
> recursive selective forwarding chain. Anybody have any advice on whether
> I'm breaking any best practices with a setup like this? Or can I rely on
> something like this for a high-production application?
It should work technically. The concern I'd have would be performance
and reliability -- with all the forwarding, timeouts seem more likely.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list