"... whatever else you use to failover from the primary to the secondary would automatically ensure BIND resolves too."
That's the root of the problem: there is no automatic failover, and providing one is a lot of work. I was hoping there was a simple BIND config option so that BIND itself could fail-over the DNS lookups and solve the immediate problem. On Sat, 27 Aug 2016 23:29:08 -0700 Dave Warren <da...@hireahit.com> wrote: > On Sat, Aug 27, 2016, at 11:32, Paul Kosinski wrote: > > So my question is, is it possible to configure my forwarding BIND to > > have a primary and *secondary* path for sending out DNS queries? As > > far as I can tell, the "query-source address" option in named.conf > > only allows one outbound interface to be (implicitly) specified, > > and I don't want to leave the outbound interface unspecified as > > that would defeat monitoring and logging on the specific interface. > > The "forwarders" option *does* allow multiple DNS servers to be > > specified, but that doesn't help if the network path is down. > > > > P.S. I suppose I might try something with policy routing, but that > > was already a nightmare to set up, since I use DSL vs cable based > > on the source and type (e.g. HTTP, SSH) of the traffic rather than > > the more common destination. > > Since you're forwarding anyway, why not forward to a pair of public > servers, 8.8.8.8 and 8.8.4.4, or 4.2.2.1 and 4.2.2.2, and then use > youe routing table or other technique to route traffic for each > destination IP? > > However, since you run BIND, why bother with forwarding queries at > all, I would recommend just resolving without forwarders, in which > case BIND doesn't need any particular connection and whatever else > you use to failover from the primary to the secondary would > automatically ensure BIND resolves too. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users