Alan McKinnon <alan.mckinnon@×××××.com> writes:

> On 02/12/2015 21:37, lee wrote:
>> Hi,
>>
>> is there a way to configure bind so that the names of local hosts,
>> i.e. the ones bind is authoritative for, can be resolved without a
>> connection to the internet?
>>
>> I don't like it at all that when the internet connection goes out, no
>> name resolution at all is possible. Since the information about the
>> local hosts is known to bind from its configuration files, why can't it
>> just resolve them?
>>
>
>
> There are several problems with your idea. First, the configured
> nameservers in resolv.conf are caching servers, not authoritative
> servers. You never configure an auth server to act as a cache. Yes, it
> can be done. No, it's an awful idea and things break horribly.

I thought it was caching anyway. What's the point of forgetting the
answers to queries right away after answering them?

> Secondly, nothing else on your network can know your auth server is
> authoritative without first being informed so by the delegating server.

The name server itself knows this from its configuration, and it's the
only thing that needs to know this because it's the only thing
everything on the network is asking.

> Or in other words, if you own example.com and an auth server for
> example.com is on your network, you have to first go via .com to know
> that. Weird, but that's how it works.

The name server doesn't know what domains it's supposed to give answers
for without asking others first?

> DNS was designed to need a network connection because most of the DNS is
> out there somewhere else

Then how do you solve the problem of being unable to even resolve the
names of hosts on the LAN when the connection goes down?

> What you should do, is run your own caching server on the local network
> and set the TTL for your own zones to something sane i.e. 1 day (as
> opposed to the current idiotic fad of making it 10 minutes). Then query
> your cache for your entire zone once a day. Unless your internet
> connection goes out for more than a day, you're good.

Hm, I just tried that, and it seems to work. It didn't before I made
some small changes last night, that's why I'm asking. Weird ...
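A minimal BIND layout matching the advice above, as an added illustration and not configuration posted by either participant: a one-day default TTL in the zone file on the authoritative server, and a separate LAN caching resolver that only answers local clients. The zone name, addresses, file paths and hostnames are placeholders.

```conf
; --- Zone file on the AUTHORITATIVE server (placeholder path: /var/named/example.com.zone) ---
; $TTL is the default TTL for every record below that has no explicit TTL.
; 86400 seconds = 1 day, so a LAN cache may keep these answers for a day
; even if the upstream link goes down.
$TTL 86400
$ORIGIN example.com.
@       IN  SOA  ns1.example.com. hostmaster.example.com. (
                 2015120201 ; serial (YYYYMMDDnn)
                 7200       ; refresh
                 3600       ; retry
                 1209600    ; expire
                 86400 )    ; negative-caching TTL
        IN  NS   ns1.example.com.
ns1     IN  A    192.168.1.2
www     IN  A    192.168.1.10
files   IN  A    192.168.1.11

// --- named.conf on the SEPARATE LAN caching resolver (placeholder host 192.168.1.1) ---
// Restricting queries and recursion to the LAN keeps this box from becoming
// an open resolver that anyone on the internet can use.
acl "lan" { 127.0.0.1; 192.168.1.0/24; };

options {
    directory "/var/named";
    recursion yes;
    allow-query     { lan; };
    allow-recursion { lan; };
};

// Check from a LAN client: the second query must come from the cache, so its TTL
// column is lower than the first and keeps counting down towards zero.
//   dig @192.168.1.1 www.example.com A +noall +answer
//   dig @192.168.1.1 www.example.com A +noall +answer
// Pull the whole zone into the cache once a day (e.g. from cron) by querying
// each name you care about against 192.168.1.1, not against ns1 directly.
```

Point the clients' resolv.conf at the caching resolver only; the authoritative server keeps `recursion no` so the two roles stay separate, as the reply above recommends.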