At 9/10/01 2:56 PM, Kris Benson wrote:
>George Kirikos wrote:
>>
>> NS2 would be accessed automatically if NS1 is unreachable, and
>> vice-versa.
>
>According to experiences on this list, that is not true in practice.
>
>The root nameservers return whichever one they feel like at the time, and
>the client contacts that server. If the server is down, you're SOL.

Hmmmm? That's certainly not the case. For some reason, this myth keeps
coming up on this list; perhaps you're remembering the myth and not the
debunking.

Anyway, for the record, it does work as advertised. The root servers
return the nameservers in pseudo-random order, and the resolver tries to
reach the first in the list. If it fails, the resolver tries the next one
in its list. (Some resolvers try all the nameservers at once and use the
first that responds, which gives the same effect.)

A couple of tests will confirm that it all works. The first is:

$ dig opensrs.org ns @a.gtld-servers.net

As you can see, it returns all three name servers, in a random order (try
it a few times).

Some slightly more involved testing and logging on a test DNS server will
confirm that resolvers fall back to alternate servers if the first one
they try is unavailable. For example, block and log packets to one of
your nameservers, and merely log them on the other. You'll see that when
packets are rejected at the blocked one, the resolver tries the other.

>Of course, who knows exactly how things are supposed to work or how things
>are coded to work...

Actually, it's all very well defined and not vague at all. The book "DNS
and BIND" by Paul Albitz & Cricket Liu is a good place to start; it
explains all of this. Much of their wisdom is also available at
http://www.acmebw.com/. If still in doubt, there's always RFCs and source
code... :-)

--
Robert L Mathews, Tiger Technologies
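
Added example, not part of the original message: the second test described above (one nameserver that drops packets but logs them, one that logs and answers), reproduced offline on loopback with a sequential stub resolver. The function names, the 0.5 s timeout and the name example.test are assumptions made for this sketch; real resolvers differ in retry and timeout policy.

```python
import socket, struct, threading

def build_query(name, qtype=2, qid=0x1234):
    """Minimal DNS query packet (qtype 2 = NS, class IN)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def resolve_with_fallback(servers, name, timeout=0.5):
    """Query servers in list order; move to the next one on timeout."""
    query, attempts = build_query(name), []
    for server in servers:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            try:
                s.sendto(query, server)
                reply, _ = s.recvfrom(512)
            except (socket.timeout, ConnectionError):
                attempts.append((server, "no answer"))
                continue
        if reply[:2] == query[:2]:  # transaction ID must match our query
            attempts.append((server, "answered"))
            return server, attempts
        attempts.append((server, "bad reply"))
    return None, attempts

def start_server(respond):
    """Constructed loopback nameserver: logs each query, replies only if respond."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("127.0.0.1", 0))
    log = []
    def loop():
        while True:
            data, addr = sock.recvfrom(512)
            log.append(addr)
            if respond:  # same ID and question, QR bit set, no records
                sock.sendto(data[:2] + struct.pack("!H", 0x8180) + data[4:], addr)
    threading.Thread(target=loop, daemon=True).start()
    return sock.getsockname(), log

def demo():
    blocked, blocked_log = start_server(respond=False)  # packets dropped, but logged
    healthy, healthy_log = start_server(respond=True)   # packets logged and answered
    used, attempts = resolve_with_fallback([blocked, healthy], "example.test")
    return used == healthy, [r for _, r in attempts], len(blocked_log), len(healthy_log)

if __name__ == "__main__":
    print(demo())
```

Both server logs show one query each: the one sent to the silent server that timed out, and the retry that the second server answered.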