Forwarding via different external networks

Paul Kosinski bind at iment.com
Mon Aug 29 02:22:12 UTC 2016


"... whatever else you use to failover from the primary to the
secondary would automatically ensure BIND resolves too."

That's the root of the problem: there is no automatic failover, and
providing one is a lot of work. I was hoping there was a simple BIND
config option so that BIND itself could fail-over the DNS lookups and
solve the immediate problem.


On Sat, 27 Aug 2016 23:29:08 -0700
Dave Warren <davew at hireahit.com> wrote:

> On Sat, Aug 27, 2016, at 11:32, Paul Kosinski wrote:
> > So my question is, is it possible to configure my forwarding BIND to
> > have a primary and *secondary* path for sending out DNS queries? As
> > far as I can tell, the "query-source address" option in named.conf
> > only allows one outbound interface to be (implicitly) specified,
> > and I don't want to leave the outbound interface unspecified as
> > that would defeat monitoring and logging on the specific interface.
> > The "forwarders" option *does* allow multiple DNS servers to be
> > specified, but that doesn't help if the network path is down.
> > 
> > P.S. I suppose I might try something with policy routing, but that
> > was already a nightmare to set up, since I use DSL vs cable based
> > on the source and type (e.g. HTTP, SSH) of the traffic rather than
> > the more common destination.
> 
> Since you're forwarding anyway, why not forward to a pair of public
> servers, 8.8.8.8 and 8.8.4.4, or 4.2.2.1 and 4.2.2.2, and then use
> your routing table or other technique to route traffic for each
> destination IP?
> 
> However, since you run BIND, why bother with forwarding queries at
> all, I would recommend just resolving without forwarders, in which
> case BIND doesn't need any particular connection and whatever else
> you use to failover from the primary to the secondary would
> automatically ensure BIND resolves too.
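
The first suggestion in the quoted reply, sketched as an added example that is not part of either poster's message: each forwarder is pinned to one uplink by a host route, so when one path is down BIND's retry across its forwarders moves queries to the other link. The gateway addresses and interface names are placeholders, Linux iproute2 is assumed, and "query-source address" is assumed unset so the kernel picks the source address that matches the chosen route.

```conf
// named.conf (options block): two forwarders, one reachable per uplink.
options {
    // Forwarder addresses taken from the reply above.
    forwarders { 8.8.8.8; 8.8.4.4; };

    // "forward first" falls back to normal iterative resolution if no
    // forwarder answers; "forward only" would make that case fail.
    forward first;

    // No "query-source address" here (assumption): the kernel then uses
    // the source address of whichever uplink the route selects.
};

// Host routes that pin each forwarder to one uplink (Linux iproute2).
// Gateways and interface names are placeholders, not from the thread:
//   ip route add 8.8.8.8/32 via 192.0.2.1    dev dsl0     # DSL path
//   ip route add 8.8.4.4/32 via 198.51.100.1 dev cable0   # cable path
```

With these routes, queries to 8.8.8.8 appear only on the DSL interface and queries to 8.8.4.4 only on the cable interface, provided no existing policy-routing rule matches the traffic first.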



More information about the bind-users mailing list