Exactly, for djbdns, I have (in /var/djbdns/dnscache/root/servers/@):
80.254.130.4 80.254.140.9 198.41.0.4 128.9.0.107 192.33.4.12 128.8.10.90 192.203.230.10 192.5.5.241 192.112.36.4 128.63.2.53 192.36.148.17 198.41.0.10 193.0.14.129 198.32.64.12 202.12.27.33 The first two are the ones of my ISP. The rest came with the djbdns config and can be extended to use whatever else you want to add. This way, too, the local box will get answers for DNS requests from the first server that responds. Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 15.02.2011 um 02:23 schrieb Eric Shubert: > On 02/14/2011 01:57 PM, Scott Hughes wrote: >> I use a caching name server on my QMT server. Here is what I have in my >> /etc/resolv.conf file: >> >> nameserver 127.0.0.1 >> nameserver 4.2.2.3 >> nameserver 4.2.2.4 >> >> This way if it does not resolve it locally, it will resolve it using one >> of the other DNS servers listed. Once it is resolved once, my local >> server will hold onto it for a period of time so that future look-ups >> will be faster. > > I don't believe that's quite right, Scott. I believe it will only cache hits > that are satisfied by the localhost (127.0.0.1) resolver. I think it would be > better to specify forwarders in the named.conf file. Then, indeed, hits from > alternate resolvers would be cached. > > This is what I have in my named.conf: > // > // named.conf > // > options { > forward first; > forwarders { > 205.171.3.25; > 208.67.222.220; > 205.171.2.25; > 208.67.222.222; > }; > }; > logging { > category lame-servers { null; }; > }; > > These IPs are for my ISP (Qwest) and OpenDNS. I think that by specifying > forwarders, it relieves some stress on the root name servers, which is a good > thing. > > Martin, am I off base on this? I could be. > >> Hope this helps. >> >> Scott >> >> >> On Mon, Feb 14, 2011 at 1:58 PM, Eric Shubert <e...@shubes.net >> <mailto:e...@shubes.net>> wrote: >> >> Hey Marek, >> >> Using Bind is fine, but using a single server/process for both >> authoritative and resolver purposes is not a good practice. It can >> be done, but I would try very hard to keep them separate before >> endeavoring to put them together. It can be done, but it's a bit >> tricky to do well (accurately and securely). >> >> If at all possible, I would use an authoritative DNS server that's >> external to QMT, then simply install the caching-nameserver package >> on QMT to use as a resolver. You should also modify the resolver's >> configuration to use forwarders, but that's not absolutely >> necessary. caching-nameserver configuration should work ok as is. >> >> Martin, do you have anything to add? (Sorry for jumping in again) >> >> -- >> -Eric 'shubes' >> >> >> On 02/14/2011 12:14 PM, d...@demod.pl <mailto:d...@demod.pl> wrote: >> >> Thank You for advice. >> >> I think, I must learn about DNS much more as I thought before i >> wrote >> these emails. >> >> I'm using BIND (named). >> >> Yes it's authoritative DNS server and i think it's a local >> resolver. Now >> I understand it's wrong practice? >> >> Now i'm going to try apply you advices and read something more >> about DNS >> server. >> >> I will let you know about my progress >> >> >> >> regards >> >> Marek >> >> >> >> ----- Original Message ----- From: "Eric Shubert" >> <e...@shubes.net <mailto:e...@shubes.net>> >> To: <qmailtoaster-list@qmailtoaster.com >> <mailto:qmailtoaster-list@qmailtoaster.com>> >> Sent: Monday, February 14, 2011 4:24 PM >> Subject: [qmailtoaster] Re: DNS temporary failure if one DNS >> server dont >> work. >> >> >> I agree whole heartedly with Martin (whatever that's worth). >> >> Two key questions which haven't been answered yet by Marek: >> 1) which software is he using (bind or djbdns) >> 2) is he using the local resolver as an authoritative DNS >> server as >> well? (I would hope not, but you never know). >> >> I gotta chuckle regarding Marek's name, as there is a >> commercial email >> server called "Marek Mail". :) >> >> Thanks, Martin. I'll let you finish up with this one. >> -- >> -Eric 'shubes' >> >> On 02/14/2011 01:39 AM, Martin Waschbüsch wrote: >> >> Seeing as it does not work right now, I don't know where >> the servers >> are listed on his system. Clearly there must be some >> configuration >> issue. >> >> But at the same time, IMHO it is the best solution to >> ensure there is >> a properly configured local DNS server. >> Such a local DNS server has a config where you can list >> forwarding >> DNS servers and that is where his name servers should be >> configured. >> >> Imagine resolv.conf lists the two outside DNS servers >> directly. >> Let's assume that the first entry (will be queried >> first) is down. >> >> Although the system tries to send 50 individual mails to >> some...@googlemail.com <mailto:some...@googlemail.com>, >> the mail server will experience a timeout for >> the first name server and only then query the secondary >> server. All >> that happens 50 times(!) >> Now, if you have a working caching DNS server, as soon >> as the first >> timeout happened and the secondary DNS server was >> queried, the local >> server has the DNS entry stored and the remaining 49 >> messages do not >> encounter any timeout at all. >> >> Martin >> >> >> -- >> Martin Waschbüsch >> IT-Dienstleistungen >> Lautensackstr. 16 >> 80687 München >> >> Telefon: +49 89 57005708 >> Fax: +49 89 57868023 >> Mobil: +49 170 2189794 >> mar...@waschbuesch.de <mailto:mar...@waschbuesch.de> >> http://martin.waschbuesch.de >> >> Am 14.02.2011 um 09:06 schrieb Tony White: >> >> Hi, >> So what/where are the two dns servers Marek >> says he is using? >> >> >> On 14/02/2011 7:02 PM, Martin Waschbüsch wrote: >> >> That is not correct! >> If localhost runs a caching DNS server, it will >> fetch DNS >> information from forwarding DNS servers, which >> can be the ISP's, >> Google's, whatever. >> The whole point of having a local caching DNS >> server is that it not >> only takes care of using all DNS servers it >> knows about to fetch >> data, but also to store that data and prevent >> DNS-lookup-heavy >> applications (like E-Mail servers) to generate >> lots of additional >> traffic and overhead. >> >> So, if Marek runs a local DNS server and still >> gets problems, then >> we need to look at that config. >> If not, he really should install a caching DNS >> server (named, >> djbdns, etc.) >> >> In any case, resolv.conf is just fine only >> pointing to the local >> server. >> >> Martin >> >> -- >> Martin Waschbüsch >> IT-Dienstleistungen >> Lautensackstr. 16 >> 80687 München >> >> Telefon: +49 89 57005708 >> Fax: +49 89 57868023 >> Mobil: +49 170 2189794 >> mar...@waschbuesch.de <mailto:mar...@waschbuesch.de> >> http://martin.waschbuesch.de >> >> Am 14.02.2011 um 07:59 schrieb Bruno De Leone: >> >> That means your only DNS is your local DNS >> so the qmail will never >> find any server outside it's network... >> >> You should add the DNS of your preference. >> For example, to add >> google's DNS, edit the file /etc/resolv.conf >> and add these lines >> at the end of the file: >> >> nameserver 8.8.8.8 >> nameserver 4.4.4.4 >> >> On Mon, Feb 14, 2011 at 4:39 AM,<d...@demod.pl >> <mailto:d...@demod.pl>> wrote: >> In resolv.conf I have only: >> "search localdomain >> nameserver 127.0.0.1" >> >> >> >> >> ----- Original Message ----- From: "Tony >> White"<t...@ycs.com.au <mailto:t...@ycs.com.au>> >> >> To:<qmailtoaster-list@qmailtoaster.com >> <mailto:qmailtoaster-list@qmailtoaster.com>> >> Sent: Monday, February 14, 2011 2:55 AM >> >> Subject: Re: [qmailtoaster] DNS temporary >> failure if one DNS >> server dont work. >> >> >> Marek, >> What order are the dns servers in >> /etc/resolv.conf? >> If they are the failing one on line one then >> reverse them. >> >> On 14/02/2011 9:03 AM, d...@demod.pl >> <mailto:d...@demod.pl> wrote: >> Thanks for fast reply. >> I use 2 named servers. >> everyone in different locations. One DNS >> server is on the same >> machine as qmailtoaster and always on. But >> when secondary DNS on >> the other location die i canot send email >> outside. >> >> >> ----- Original Message ----- From: "Carlos >> Herrera >> Polo"<carlos.herrerap...@gmail.com >> <mailto:carlos.herrerap...@gmail.com>> >> To:<qmailtoaster-list@qmailtoaster.com >> <mailto:qmailtoaster-list@qmailtoaster.com>> >> Sent: Sunday, February 13, 2011 10:02 PM >> Subject: Re: [qmailtoaster] DNS temporary >> failure if one DNS >> server dont work. >> >> >> Djbdns or named >> >> 2011/2/13, Martin >> Waschbüsch<mar...@waschbuesch.de >> <mailto:mar...@waschbuesch.de>>: >> What you could try is this: >> >> Have a local caching DNS server and that >> takes care of resolving >> to as many >> 'real' DNS servers as you like. >> Doing so means that your DNS server (local) >> is ALWAYS on (unless >> the daemon >> dies) and this problem won't occur again. >> >> Martin >> >> -- >> Martin Waschbüsch >> IT-Dienstleistungen >> Lautensackstr. 16 >> 80687 München >> >> Telefon: +49 89 57005708 >> Fax: +49 89 57868023 >> Mobil: +49 170 2189794 >> mar...@waschbuesch.de >> <mailto:mar...@waschbuesch.de> >> http://martin.waschbuesch.de >> >> Am 13.02.2011 um 19:48 schrieb<d...@demod.pl >> <mailto:d...@demod.pl>> <d...@demod.pl >> <mailto:d...@demod.pl>>: >> >> Hello everyone >> >> I have a problem with my qmailtoster. When >> one of my DNS server is >> down i >> cant send email. When i try send email >> outside i have an error >> message: >> DNS temporary failure. This hapen even if >> one DNS server works >> correctly. >> Does anyone know how can I solve it? >> >> Thanx for you help. >> Marek >> >> >> __________ Informacja programu ESET NOD32 >> Antivirus, wersja bazy >> sygnatur >> wirusow 5835 (20110131) __________ >> >> Wiadomosc zostala sprawdzona przez program >> ESET NOD32 Antivirus. >> http://www.eset.pl lub http://www.eset.com >> >> >> >> --------------------------------------------------------------------------------- >> >> Qmailtoaster is sponsored by Vickers >> Consulting Group >> (www.vickersconsulting.com >> <http://www.vickersconsulting.com>) >> Vickers Consulting Group offers Qmailtoaster >> support and >> installations. >> If you need professional help with your >> setup, contact them today! >> >> --------------------------------------------------------------------------------- >> >> Please visit qmailtoaster.com >> <http://qmailtoaster.com> for the latest >> news, updates, and >> packages. >> >> To unsubscribe, e-mail: >> qmailtoaster-list-unsubscr...@qmailtoaster.com >> >> <mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com> >> For additional commands, e-mail: >> qmailtoaster-list-h...@qmailtoaster.com >> <mailto:qmailtoaster-list-h...@qmailtoaster.com> >> >> >> >> >> >> -- >> best wishes >> Tony White >> >> >> >> --------------------------------------------------------------------------------- >> >> Qmailtoaster is sponsored by Vickers >> Consulting Group >> (www.vickersconsulting.com >> <http://www.vickersconsulting.com>) >> Vickers Consulting Group offers Qmailtoaster >> support and >> installations. >> If you need professional help with your >> setup, contact them today! >> >> --------------------------------------------------------------------------------- >> >> Please visit qmailtoaster.com >> <http://qmailtoaster.com> for the latest >> news, updates, and >> packages. >> To unsubscribe, e-mail: >> qmailtoaster-list-unsubscr...@qmailtoaster.com >> >> <mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com> >> For additional commands, e-mail: >> qmailtoaster-list-h...@qmailtoaster.com >> <mailto:qmailtoaster-list-h...@qmailtoaster.com> >> >> >> >> >> __________ Informacja programu ESET NOD32 >> Antivirus, wersja bazy >> sygnatur wirusow 5835 (20110131) __________ >> >> Wiadomosc zostala sprawdzona przez program >> ESET NOD32 Antivirus. >> >> http://www.eset.pl lub http://www.eset.com >> >> >> >> >> __________ Informacja programu ESET NOD32 >> Antivirus, wersja bazy >> sygnatur wirusow 5835 (20110131) __________ >> >> Wiadomosc zostala sprawdzona przez program >> ESET NOD32 Antivirus. >> >> http://www.eset.pl lub http://www.eset.com >> >> >> >> >> --------------------------------------------------------------------------------- >> >> Qmailtoaster is sponsored by Vickers >> Consulting Group >> (www.vickersconsulting.com >> <http://www.vickersconsulting.com>) >> Vickers Consulting Group offers Qmailtoaster >> support and >> installations. >> If you need professional help with your >> setup, contact them today! >> >> --------------------------------------------------------------------------------- >> >> Please visit qmailtoaster.com >> <http://qmailtoaster.com> for the latest >> news, updates, and >> packages. >> To unsubscribe, e-mail: >> qmailtoaster-list-unsubscr...@qmailtoaster.com >> >> <mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com> >> For additional commands, e-mail: >> qmailtoaster-list-h...@qmailtoaster.com >> <mailto:qmailtoaster-list-h...@qmailtoaster.com> >> >> >> >> >> >> --------------------------------------------------------------------------------- >> >> Qmailtoaster is sponsored by Vickers Consulting >> Group >> (www.vickersconsulting.com >> <http://www.vickersconsulting.com>) >> Vickers Consulting Group offers Qmailtoaster >> support and >> installations. >> If you need professional help with your setup, >> contact them today! >> >> --------------------------------------------------------------------------------- >> >> Please visit qmailtoaster.com >> <http://qmailtoaster.com> for the latest news, >> updates, and >> packages. >> >> To unsubscribe, e-mail: >> qmailtoaster-list-unsubscr...@qmailtoaster.com >> >> <mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com> >> For additional commands, e-mail: >> qmailtoaster-list-h...@qmailtoaster.com >> <mailto:qmailtoaster-list-h...@qmailtoaster.com> >> >> >> >> >> >> -- >> best wishes >> Tony White >> >> Yea Computing Services >> http://www.ycs.com.au >> 4 The Crescent >> Yea >> Victoria >> Australia 3717 >> >> Telephone No's >> VIC : 03 9008 5614 >> FAX : 03 9008 5610 (FAX2Email) >> >> >> >> IMPORTANT NOTICE >> >> This communication including any file attachments is >> intended solely >> for >> the use of the individual or entity to whom it is >> addressed. If you are >> not the intended recipient, or the person >> responsible for delivering >> this communication to the intended recipient, please >> immediately notify >> the sender by email and delete the original >> transmission and its >> contents. Any unauthorised use, dissemination, >> forwarding, printing or >> copying of this communication including file >> attachments is prohibited. >> It is your responsibility to scan this communication >> including any file >> attachments for viruses and other defects. To the >> extent permitted by >> law, Yea Computing Services and its associates will >> not be liable for >> any loss or damage arising in any way from this >> communication including >> any file attachments. >> >> >> >> --------------------------------------------------------------------------------- >> >> Qmailtoaster is sponsored by Vickers Consulting Group >> (www.vickersconsulting.com >> <http://www.vickersconsulting.com>) >> Vickers Consulting Group offers Qmailtoaster support >> and installations. >> If you need professional help with your setup, >> contact them today! >> >> --------------------------------------------------------------------------------- >> >> Please visit qmailtoaster.com >> <http://qmailtoaster.com> for the latest news, >> updates, and >> packages. >> To unsubscribe, e-mail: >> qmailtoaster-list-unsubscr...@qmailtoaster.com >> <mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com> >> For additional commands, e-mail: >> qmailtoaster-list-h...@qmailtoaster.com >> <mailto:qmailtoaster-list-h...@qmailtoaster.com> >> >> >> >> >> >> --------------------------------------------------------------------------------- >> >> Qmailtoaster is sponsored by Vickers Consulting Group >> (www.vickersconsulting.com >> <http://www.vickersconsulting.com>) >> Vickers Consulting Group offers Qmailtoaster support and >> installations. >> If you need professional help with your setup, contact >> them today! >> >> >> >> >> >> --------------------------------------------------------------------------------- >> >> Qmailtoaster is sponsored by Vickers Consulting Group >> (www.vickersconsulting.com <http://www.vickersconsulting.com>) >> Vickers Consulting Group offers Qmailtoaster support and >> installations. >> If you need professional help with your setup, contact them >> today! >> >> --------------------------------------------------------------------------------- >> >> Please visit qmailtoaster.com <http://qmailtoaster.com> for >> the latest news, updates, and packages. >> To unsubscribe, e-mail: >> qmailtoaster-list-unsubscr...@qmailtoaster.com >> <mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com> >> For additional commands, e-mail: >> qmailtoaster-list-h...@qmailtoaster.com >> <mailto:qmailtoaster-list-h...@qmailtoaster.com> >> >> >> >> >> __________ Informacja programu ESET NOD32 Antivirus, wersja bazy >> sygnatur wirusow 5835 (20110131) __________ >> >> Wiadomosc zostala sprawdzona przez program ESET NOD32 Antivirus. >> >> http://www.eset.pl lub http://www.eset.com >> >> >> >> >> __________ Informacja programu ESET NOD32 Antivirus, wersja bazy >> sygnatur wirusow 5835 (20110131) __________ >> >> Wiadomosc zostala sprawdzona przez program ESET NOD32 Antivirus. >> >> http://www.eset.pl lub http://www.eset.com >> >> >> >> >> --------------------------------------------------------------------------------- >> >> Qmailtoaster is sponsored by Vickers Consulting Group >> (www.vickersconsulting.com <http://www.vickersconsulting.com>) >> Vickers Consulting Group offers Qmailtoaster support and >> installations. >> If you need professional help with your setup, contact them today! >> >> >> >> >> >> --------------------------------------------------------------------------------- >> Qmailtoaster is sponsored by Vickers Consulting Group >> (www.vickersconsulting.com <http://www.vickersconsulting.com>) >> Vickers Consulting Group offers Qmailtoaster support and >> installations. >> If you need professional help with your setup, contact them today! >> >> --------------------------------------------------------------------------------- >> Please visit qmailtoaster.com <http://qmailtoaster.com> for the >> latest news, updates, and packages. >> To unsubscribe, e-mail: >> qmailtoaster-list-unsubscr...@qmailtoaster.com >> <mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com> >> For additional commands, e-mail: >> qmailtoaster-list-h...@qmailtoaster.com >> <mailto:qmailtoaster-list-h...@qmailtoaster.com> >> >> >> > > > -- > -Eric 'shubes' > > > --------------------------------------------------------------------------------- > Qmailtoaster is sponsored by Vickers Consulting Group > (www.vickersconsulting.com) > Vickers Consulting Group offers Qmailtoaster support and installations. > If you need professional help with your setup, contact them today! > --------------------------------------------------------------------------------- > Please visit qmailtoaster.com for the latest news, updates, and packages. > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > > --------------------------------------------------------------------------------- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --------------------------------------------------------------------------------- Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
