ChrLu
Level 9
Message 1 of 2

Multiple Nameserver in Conditional Forwarding Setup

All,

We are starting to wonder how exactly MWG uses nameservers for name resolution when Conditional DNS Forwarding is active and multiple (let's assume 4) different nameservers are configured.

We configured the NS as follows:
external ns1, external ns2, internal ns1, internal ns2

For domain "pure.internal", use internal ns1 and internal ns2.

The problem we are facing is the domain "split.domain" of our customer, which has both internal and external hosts configured.

Of course we can list each host as an individual entry in conditional forwarding, but that's not really our intention.

We noticed that "hostA.split.domain" is sometimes resolvable and sometimes not, which indicates that ALL of the listed 4 nameservers are used for lookup in some kind of round robin.

Please confirm or explain how this works.

We were under the impression that the 2nd NS is only used if the 1st NS is not replying at all, but here the 3rd or 4th NS seems to resolve "hostA.split.domain" sometimes, either when the 1st replies with "not resolvable" or by round robin over the list of multiple configured NS.

Thanks.

Christian

1 Reply
fw_mon
Reliable Contributor
Message 2 of 2

Re: Multiple Nameserver in Conditional Forwarding Setup

Hello @ChrLu 

BIND uses a forwarder selection algorithm based on the response time:

https://bind-users.isc.narkive.com/Z6DIeZad/forwarder-selection-logic-by-bind9#post2

 

>> 2nd NS is only used if 1st NS is not replying at all 

This is the "stub resolver" logic that is used if you use the default settings with up to three DNS servers.

When you enable conditional DNS forwarding, MWG switches from using fixed DNS servers to using a local DNS server (127.0.0.1) that provides the aforementioned forwarder selection algorithm based on SRTT (smooth round trip time), i.e. the response time of the forwarders.

You can check the SRTT of the configured forwarders with the "rndc dumpdb" command and check the last lines in the /var/cache/bind/named_dump.db file.
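The difference between the two behaviours discussed in this thread, as an added example that is not part of either post and is not BIND's or MWG's code: a simplified model comparing stub-resolver failover with lowest-SRTT forwarder selection for an internal-only host in a split domain. The RTT values, the smoothing weight, the aging factor and all function names are assumptions chosen for illustration.

```python
from collections import Counter

# Constructed sample data: RTT in ms and whether the server holds the
# internal-only record hostA.split.domain. Names follow the post; values are made up.
FORWARDERS = {
    "external ns1": (12.0, False),
    "external ns2": (15.0, False),
    "internal ns1": (10.0, True),
    "internal ns2": (14.0, True),
}
ALPHA = 0.7   # weight of the old SRTT when a reply is measured (assumed)
DECAY = 0.98  # aging applied to forwarders that were not queried (assumed)

def answer(ns):
    return "A" if FORWARDERS[ns][1] else "NXDOMAIN"

def stub_resolve(order, alive):
    """Stub resolver: move to the next server only when one does not reply."""
    for ns in order:
        if ns in alive:
            return ns, answer(ns)  # NXDOMAIN is a reply, so no fallback
    return None, "TIMEOUT"

def srtt_resolve(srtt):
    """Local forwarding server: query the forwarder with the lowest SRTT."""
    ns = min(srtt, key=srtt.get)
    srtt[ns] = ALPHA * srtt[ns] + (1 - ALPHA) * FORWARDERS[ns][0]
    for other in srtt:
        if other != ns:
            srtt[other] *= DECAY  # aged so it is retried eventually
    return ns, answer(ns)

def simulate(queries=200):
    order = list(FORWARDERS)
    srtt = {ns: rtt for ns, (rtt, _) in FORWARDERS.items()}
    stub, fwd = Counter(), Counter()
    for _ in range(queries):
        stub[stub_resolve(order, set(order))[1]] += 1
        fwd[srtt_resolve(srtt)[1]] += 1
    return stub, fwd

if __name__ == "__main__":
    stub, fwd = simulate()
    print("stub resolver :", dict(stub))
    print("SRTT selection:", dict(fwd))
```

In this model the stub resolver gives the same answer every time, while SRTT selection returns a mix of A and NXDOMAIN for the same name, which matches the intermittent resolution described in the question.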

 

 
