[plug] .org DNS issues
Craig Ringer
craig at postnewspapers.com.au
Tue Dec 9 13:15:46 WST 2003
> | >No forwarders? How exactly was BIND supposed to resolve any non-local
> | >names?
> |
> | recursive queries starting at the root servers. Hmm. I normally actually
> | block the root servers in my firewall rules, so I /can't/ accidentally
> | query them.
>
> So that means that what I was doing was bad? :-/
Not hugely. Ideally, however, it's best to avoid talking direct to the
root nameservers. Not only is it better for the 'net in general (reduced
load on the root nameservers) but you'll often get better performance if
you use a closer forwarder or two. ISP's name servers will often have
what you want cached, saving time and a round-trip to the root nameservers.
You're also reducing your traffic usage (rather slightly, admittedly).
I can't remember the source now, but I read recently that something like
95% of load on the root nameservers is caused by misconfigued hosts and
hosts using the root NS when they shouldn't need to.
I tend to work on the theory that if iiNet's DNS, WestNet's DNS and
Indigo's DNS are unreachable then I'm probably down for other reasons
anyway.
Craig Ringer
More information about the plug
mailing list