On 02/12/2015 21:37, lee wrote:
> Hi,
>
> is there a way to configure bind so that the names of local hosts,
> i. e. the ones bind is authoritative for, can be resolved without a
> connection to the internet?
>
> I don't like it at all that when the internet connection goes out, no
> name resolution at all is possible. Since the information about the
> local hosts is known to bind from its configuration files, why can't it
> just resolve them?
>


There are several problems with your idea. First, the configured
nameservers in resolv.conf are caching servers, not authoritative
servers. You never configure an auth server to act as a cache. Yes, it
can be done. No, it's an awful idea and things break horribly.

Secondly, nothing else on your network can know your auth server is
authoritative without first being informed so by the delegating server.
Or in other words, if you own example.com and an auth server for
example.com is on your network, you have to first go via .com to know
that. Weird, but that's how it works.

DNS was designed to need a network connection because most of the DNS is
out there somewhere else.

What you should do is run your own caching server on the local network
and set the TTL for your own zones to something sane, i.e. 1 day (as
opposed to the current idiotic fad of making it 10 minutes). Then query
your cache for your entire zone once a day. Unless your internet
connection goes out for more than a day, you're good.


--
Alan McKinnon
alan.mckinnon@×××××.com
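As an added example (not part of Alan's reply or the thread), here is a cron-able script for the "query your cache for your entire zone once a day" step: it transfers the zone from the authoritative server and looks every name up at the local cache so the answers sit there for the full 1-day TTL. The AUTH, CACHE and ZONE values and the sample transfer output are assumptions constructed for the example.

```shell
#!/bin/sh
# Daily cache warm-up for the local caching resolver (run from cron).
# Added example, not code from the thread. Assumed values: AUTH is the
# authoritative server that permits AXFR from this host, CACHE the local
# caching server, ZONE the zone whose names should survive an outage.
AUTH="${AUTH:-192.0.2.53}"
CACHE="${CACHE:-127.0.0.1}"
ZONE="${ZONE:-example.com}"

# Read zone records in presentation format (what `dig AXFR` prints) on
# stdin and emit each distinct owner name once. Comment lines (';') and
# anything without an IN class in field 3 are skipped.
extract_names() {
    awk '$1 !~ /^;/ && NF >= 4 && $3 == "IN" { print $1 }' | sort -u
}

# Query A and AAAA for every name on stdin against the cache so the
# answers sit there for a full TTL; print how many names were warmed.
warm_cache() {
    count=0
    while IFS= read -r name; do
        dig @"$CACHE" "$name" A +short >/dev/null 2>&1 || true
        dig @"$CACHE" "$name" AAAA +short >/dev/null 2>&1 || true
        count=$((count + 1))
    done
    echo "$count"
}

# Constructed sample transfer output (not a real zone) for a dry run.
SAMPLE='; <<>> DiG 9.10.3 <<>> @192.0.2.53 example.com AXFR
;; global options: +cmd
example.com.        86400 IN SOA ns1.example.com. hostmaster.example.com. 2015120201 7200 3600 1209600 86400
example.com.        86400 IN NS  ns1.example.com.
ns1.example.com.    86400 IN A   192.0.2.53
www.example.com.    86400 IN A   192.0.2.80
mail.example.com.   86400 IN A   192.0.2.25
example.com.        86400 IN SOA ns1.example.com. hostmaster.example.com. 2015120201 7200 3600 1209600 86400
;; Query time: 1 msec'

case "${1:-}" in
    --dry-run) printf '%s\n' "$SAMPLE" | extract_names ;;
    --run)     dig @"$AUTH" "$ZONE" AXFR | extract_names | warm_cache ;;
esac
```

`--dry-run` lists the names parsed from the constructed sample; `--run` performs the real transfer and warm-up, and the cache only stays useful for as long as the zone's TTL, which is why the reply pairs this with a 1-day TTL.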