| 1 |
On 02/12/2015 21:37, lee wrote: |
| 2 |
> Hi, |
| 3 |
> |
| 4 |
> is there a way to configure bind so that the names of local hosts, |
| 5 |
> i. e. the ones bind is authoritative for, can be resolved without a |
| 6 |
> connection to the internet? |
| 7 |
> |
| 8 |
> I don't like it at all that when the internet connection goes out, no |
| 9 |
> name resolution at all is possible. Since the information about the |
| 10 |
> local hosts is known to bind from its configuration files, why can't it |
| 11 |
> just resolve them? |
| 12 |
> |
| 13 |
|
| 14 |
|
| 15 |
There are several problems with your idea. First, the configured |
| 16 |
namservers in resolv.conf are caching servers, not authoritative |
| 17 |
servers. You never configure an auth server to act as a cache. Yes, it |
| 18 |
can be done. No, it's an awful idea and things break horribly. |
| 19 |
|
| 20 |
Secondly, nothing else on your network can know your auth server is |
| 21 |
authoritative without first being informed so by the delegating server. |
| 22 |
Or in other words, if you own example.com and an auth server for |
| 23 |
example.com is on your network, you have to first go via .com to know |
| 24 |
that. Weird, but that's how it works. |
| 25 |
|
| 26 |
DNS was designed to need a network connection because most of the DNS is |
| 27 |
out there somewhere else |
| 28 |
|
| 29 |
What you should do, is run your own caching server on the local network |
| 30 |
and set the TTL for your own zones to something sane i.e. 1 day (as |
| 31 |
opposed to the current idiotic fad of making it 10 minutes). The query |
| 32 |
your cache for your entire zone once a day. Unless your internet |
| 33 |
connection goes out for more than a day, you're good. |
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
-- |
| 38 |
Alan McKinnon |
| 39 |
alan.mckinnon@×××××.com |
Archives