Getting clients to change their resolvers can be challenging, especially
if there are large numbers of them and many/most of them don't get their
resolvers via DHCP.
But I think the answer to that challenge is to come up with better ways
of managing clients, not to add a "proxy mode" to BIND.
- Kevin
Michael Hare wrote:
For those of us that are still running auth and recursive on the same
IP, I believe the benefit would be to deploy a best practices
recursive only nameserver on a different machine/IP address without
getting, in my case, possibly hundreds of thousands of clients to
change their DNS resolver IP address.
In the surface, I too find this to be an interesting idea.
-Michael
Kevin Darcy wrote:
Dmitry Rybin wrote:
Niall O'Reilly wrote:
I think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon.
Daemon as unbound, pdns-recursor - much faster in recursion
queries, that bind. :(
I don't see the point.
If you need some code, other than BIND named, to handle
recursive queries from your clients, why not just have
that code listening on the addresses configured in the
stub resolver on each of the client systems?
I'll explain, why.
Same Server is authoritative for internet/intranet and recursive for
intranet and one large AS. Sometimes Auth/Rec server IP cannot be
spited into different IP's.
Bind answer authoritative for all clients, and forward (if allowed)
recursive queries to recursive server.
_______________________________________________
Why not just point some or all of those recursive clients to the
"other" recursive resolver?
Seems like BIND ceases to add any value when it's just forwarding
everything and not caching any results.
- Kevin
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users