[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: getting dhclient to update bind forwarders IPs
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: getting dhclient to update bind forwarders IPs
- From: Alexander Bochmann <ab_(_at_)_lists_(_dot_)_gxis_(_dot_)_de>
- Date: Tue, 12 Jul 2005 17:05:17 +0200
...on Tue, Jul 12, 2005 at 09:38:43AM -0400, Will H. Backman wrote:
> > For the other part, if you're running your own nameserver,
> > why would you want to use forwarders at all?
> The use of forwarders is a good thing. It reduces the load on the root
> servers, and your DNS server gets to use closer servers that may already
> have the answer.
I might have said something similar
10 years ago, but hey, it's 2005 now...
The root servers are least affected,
because they will be cached first.
The TLD servers will get a little more
traffic, but hey - they're paid to handle
The single domains probably won't notice
at all, as it doesn't fundamentally change
their usage pattern.
It's not as if we're talking about a scarce
resource here, so the overall effect is
probably pretty negligible.
Also, if you're using a forwarder outside
of your control, you have to trust it's
cache contents, which increasingly tends not
to be a good thing (apart from cache poisoning
attacks, just as an example, there are attempts
to force German ISPs to block access to certain
domains by altering the data returned by their
Today, the only valid reason to use a
forwarder is if you're not allowed to do
direct DNS queries.