On Tue, Nov 11, 2014 at 2:15 PM, Evan Hunt <e...@isc.org> wrote: > > This sounded good until "Note that using this configuration will cause > the > > recursive resolver to fail if the local root zone server fails." Could I > > use "forward first" instead of "static-stub" so that it would fall back > to > > the normal root servers if the local root server could not get zone > > transfers or had some other error? > > In the case of BIND, the sample configuration has the root server built in > to the recursive server (it's a separate view, but not a separate process), > so if the root server dies, then the recursive server is also dead. A > simple nanny script can restart it if this happens. > > Thanks, but what about the case where the zone transfers are refused and the root zone expires? My server is still running, but cannot answer for the root zone. That's a case where I want it to fail over to the real roots.
> This might be a larger concern with the sample NSD/Unbound configuration, > in which there are two separate server processes that don't necessarily > share fates. However, it may be possible to set up the stub zone in > Unbound so that it tries localhost first, and fails over to traditional > root servers if that doesn't work. (I know you can list multiple server > addresses, but I don't know whether Unbound favors the first one or > round-robins the lot of them.) > > -- > Evan Hunt -- e...@isc.org > Internet Systems Consortium, Inc. > -- Bob Harold University of Michigan
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
