Date: Sun, 18 Apr 1999 11:54:02 +0200 From: Andreas Klemm <andreas@klemm.gtn.com> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: Andreas Klemm <andreas@klemm.gtn.com>, Annelise Anderson <andrsn@andrsn.stanford.edu>, Soren Schmidt <sos@freebsd.dk>, freebsd-current@FreeBSD.ORG Subject: Re: login Message-ID: <19990418115402.A11762@titan.klemm.gtn.com> In-Reply-To: <199904180726.AAA77697@apollo.backplane.com>; from Matthew Dillon on Sun, Apr 18, 1999 at 12:26:15AM -0700 References: <199904171925.VAA22900@freebsd.dk> <Pine.BSF.3.96.990417123736.11621A-100000@andrsn.stanford.edu> <19990418015658.A95962@titan.klemm.gtn.com> <199904180726.AAA77697@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Apr 18, 1999 at 12:26:15AM -0700, Matthew Dillon wrote: > > Setting a forwarders chain sucks, because named doesn't do the right thing > with it -- even if you have multiple entries, if the first one is > unreachable it will create a significant delay for nearly all your > DNS requests which can seriously degrade scripts and servers. Uh, didn't know that, thanks. Well, here I use only one forwarder entry as the leaf site of an ISP. I forward all DNS traffic to the DNS Server, that is located in the same segment as the NAS. Don't want to act as a secondary for the whole gtn.com. domain, because my machine often boots, so the extra traffic of the zone transfers isn't welcome ;-) > The safest way to set up a reliable DNS server is very similar to what > you have above, but without forwarders. O.k., understand that. But would do that only in my own network. If you have for example a machine in a customers network for doing some analysis task, I wouldn't setup secondaries, to be more silent in the network. > * You install a root cache. i.e., no forwarders. No remote cache... only > local caching. root.zone can be obtained from ftp.rs.internic.net as > the file domain/root.zone.gz. I run this from cron, this makes things easier on the long run: 0 18 * * 0 dig @a.root-servers.net . ns > /etc/namedb/named.root.new && mv /etc/namedb/named.root.new /etc/namedb/named.root > * You then secondary the domains that are most critical for your machine's > proper booting and operation. For example, at BEST each of our machines > secondaries the best.com domain. Good idea. Andreas //// -- Andreas Klemm http://www.FreeBSD.ORG/~andreas http://www.freebsd.org/~fsmp/SMP/SMP.html powered by Symmetric MultiProcessor FreeBSD To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990418115402.A11762>