While testing the option "lame-ttl" with values 0 (disable) or any value higher than zero on our resolver, I'm unsure if I missed something (BIND 9.11.2):

lame-ttl defines how long, in seconds, a lame-server entry should be cached and therefore should not be queried further (because it seems to be down). See http://www.zytrax.com/books/dns/ch7/hkpng.html#lame-ttl

If BIND recognizes a lame server (written in the logfile), the corresponding server will not be contacted for authoritative queries. If I set the value "lame-ttl 0;", which means that caching of lame servers will be disabled, then I would expect that BIND will do "round-robin" queries to all authoritative servers of a zone (including the down one). BUT: BIND would still have a notice of the lame server (written in the log), and this server will still *NOT* be contacted for lookups.

I've tested with simple iptables rules on my resolver, which block outbound connections to one or more authoritative servers of a zone to simulate the "lame-servers" behavior.

Any explanation or hints for this (mis)behavior?

Thank you.
Kind regards,