DNS question
 

I suspect that our dns server is not setup correctly, as there is a considerable delay (1-10s) before viewing webpages. I have much shorter response times at my home machine, though that is on a slow dial-up connection.
Looking into the tcpdump logfile, I see our dns server is messing around with dns queries during that time.
(Besides, when starting bind, it gives an error message about an incorrect hint record).
Our dns server should use our iSP's dns servers. It actually uses them, but I see much more dns queries going out to other dns servers on the web.
I know only a very little about dns matters, and I would like to know:
When our dns server (bind) is setup to use the dns server of our ISP, and it needs to do a dns lookup:
- should our dns server always connect to our ISP's dns server first?
- if our ISP's dns server itself cannot resolve the name:
a) does it go further and contact other dns servers until it finally resolves that and sends the answer back to our dns server, or
b) does it only instruct our dns server to do further dns queries on its own?

Re: DNS question
 

- should our dns server always connect to our ISP's dns server first?

No- If any request to your DNS server (eg. yourdomain.com), your DNS server will search for the root first (do you see in /var/named/root.hints or named.ca), try to vi it.

That's the root file, it will tell your DNS server to go there to asking about yourdomain.com. Then after reach there, the root will tell them where you can find yourdomain.com, if the root cannot give your DNS an answer, it will tell your DNS to go to other place which contains the information about yourdomain.com

- if our ISP's dns server itself cannot resolve the name:
it does go further and contact other dns servers until it finally resolves that and sends the answer back to the reqeustor (not always to your dns server)

I have good success setting my domain to check with my DNS server first for local stuff. Then it uses the forwarders ( my ISP ) to find anything which it doesn't know about. That would be anything on the Internet.
The important files are
/etc/named.conf
/etc/named.custom
/etc/resolv.conf
Here are examples from my domain DNS setup.

___________________________________________________
## named.conf - configuration for bind
#
# Generated automatically by redhat-config-bind, alchemist et al.
# Any changes not supported by redhat-config-bind should be put
# in /etc/named.custom
#
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

include "/etc/named.custom";

include "/etc/rndc.key";

zone "0.168.192.in-addr.arpa" {
type master;
file "0.168.192.in-addr.arpa.zone";
allow-update {
192.168.0.1;
};
};


zone "mydomain.com" {
type master;
file "mydomain.com.zone";
allow-update {
192.168.0.1;
};
};

________________________________________________
## named.custom - custom configuration for bind
#
# Any changes not currently supported by redhat-config-bind should be put
# in this file.
#
# Note: Put your ISP DNS server addresses below.

options {
directory "/var/named/";
forwarders {
123.123.1.123;
123.123.2.123;
456.456.1.100;
};
};

________________________________________________
/etc/resolv.conf

; generated by /sbin/dhclient-script
search mydomain.com
nameserver 192.168.0.1

why dont u want to setup your own caching DNS server? It will yeild faster responses for previously visted sites than having it query your ISPs servers. It acutally makes no sense to even have your own DNS server and not allow it to cache, unless you just REAALLY dont want it to for some special reason. In affect your are telling a server to ask a server for an ip address. Man in the middle kinda thing that will slow down the process. Rather, you should setup your server to also cahce and allow recursion for the internal hosts and skip the forwarding stuff.

If you want to setup caching u need the following (maybe with slight modifications to file paths)

based on your setup (after further review) all queries should be answered only by your ISPs DNS servers (according to DNS and BIND by Albitz and Liu).

here is a paragraph ripped from the book:

A primary master or slave name server's mode of operation changes slightly when it is configrued to use a forwarder. If a resolver requests records that are already in the name server's authoritative data or cahced data, the name server answers with that information; this part of its operation hasn't changed. However, if the records aren't in its database, the name server sends the query to a forwarder and waits a short period for an answer before resuming normal operation and contatcting the remote name servers itself. What the name server is doing differently here is sending a recursive query to the forwarder, expecting it to find the answer. At all other times, the name server send out nonrecursive queries to other name servers and deals with the resopnses that only refer it to the ohter name servers.


this basically says ( i think ) . your server will try to ask you ISP for an answer. if that response takes 2 long, it will ask for the the answer non-recursivley.. i.e. worst case is if you ask for host.domain.com it will ask the root servers for .com then it will ask the server that owns .com for domain then it will ask domain.com's name server for host and. 3 servers quieried for the response, 4 total if u include the original request to your ISP. So if you see it asking many other servers, it's because of the nonrecursive query after your ISP took 2 long to give an answer.

that sucks!!!!!

in the book it lists 1 good reason for using forwarders, if you only have 1 nameserver on your network and it has a network connection, and you arent being charged for bandwidth, you dont need to forward requests to your ISP's nameservers.