I know that running ASSP pointing to dns servers that use forwarding is
HIGHLY discouraged, and I understand why.
For performance reasons, I'd like to start using forwarders on our 3
internal dns servers (the same servers that ASSP uses). Other than for
ASSP, forwarders would be quite beneficial, and I think for general
queries, like looking for ptr, a, and mx records, forwarders would be good
for ASSP too.
Our Windows DNS servers allow for *conditional* forwarding where certain
queries can be directed to a specific group of servers. My idea is to turn
forwarding on for our servers (probably to google's public DNS servers
which seem VERY fast and reliable) but then turn on conditional forwarding
to those queries that ASSP uses where conditional forwarding would cause a
problem (Senderbase and Realtime Balcklist for example) to point to a new
4th DNS server that doesn't use forwarding and instead looks to the root
DNS servers. That's essentially turning off forwarding for the specified
requests. If that 4th server goes down or doesn't respond, then forwarders
would be used until its restored.
So for example:
Anything querying a senderbase.org hostname would look to our new internal
dns server x.x.x.x that doesn't forward, as would whatever the RWL lookups,
I know I'd need to do this at a minimum for Senderbase,
RBLServiceProviders, URIBLServiceProvider
How about the whois lookups?
"ARIN" => "whois.arin.net"
"RIPE" => "whois.ripe.net"
"APNIC" => "whois.apnic.net"
"KRNIC" => "whois.krnic.net"
"LACNIC" => "whois.lacnic.net"
"AFRINIC" => "whois.afrinic.net"
Did I miss any services?
*And most importantly, I'd love to get community feedback whether this is a
good idea or not.*
Thanks
Ken
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://makebettercode.com/inteldaal-eval
_______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
