For those of us that are still running auth and recursive on the same
IP, I believe the benefit would be to deploy a best practices recursive
only nameserver on a different machine/IP address without getting, in my
case, possibly hundreds of thousands of clients to change their DNS
resolver IP address.
In the surface, I too find this to be an interesting idea.
-Michael
Kevin Darcy wrote:
Dmitry Rybin wrote:
Niall O'Reilly wrote:
I think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon.
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
I don't see the point.
If you need some code, other than BIND named, to handle
recursive queries from your clients, why not just have
that code listening on the addresses configured in the
stub resolver on each of the client systems?
I'll explain, why.
Same Server is authoritative for internet/intranet and recursive for
intranet and one large AS. Sometimes Auth/Rec server IP cannot be
spited into different IP's.
Bind answer authoritative for all clients, and forward (if allowed)
recursive queries to recursive server.
_______________________________________________
Why not just point some or all of those recursive clients to the "other"
recursive resolver?
Seems like BIND ceases to add any value when it's just forwarding
everything and not caching any results.
- Kevin
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users