REQUEST: Network Interface Failover and multi-DNS resolution

Steve G linux_4ever at yahoo.com
Thu Aug 12 23:39:28 UTC 2004


>The first nameserver in resolv.conf is the only one that is queried. The 
>other ones are only queried if the first is down, not when the first 
>gives a negative answer.

I suspect this is a bug in the resolver library. I have seen this bug under a
different scenario, but haven't yet filed the bug report. I have 2 DNS servers,
each going out a different gateway. The gateway goes down for ns1 and then the next
thing I know the whole mail system goes down. Postfix does lots of DNS queries
when processing the mail. ns2 works just fine but Postfix never sees it.
Seriously, what is the point of being able to specify a search list that is never
used?

I agree that it needs to be discussed with ISC BIND people. They probably need to
fix it.

The man page for resolv.conf says this:

"Most resolver queries will be attempted using each component of the search path
in turn until a match is found."

I guess the question is whether a normal query falls into "most". Based on the
man page, I think the intention was that the list would be walked until a
positive answer was returned. Someone may have optimized the algorithm to where
it doesn't meet requirements anymore.

What I've done to mitigate the problem is to add a rotate option to resolv.conf.
This way 50% of the queries might get answered should a gateway go down.

-Steve Grubb
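
A per-nameserver probe for the situation described in this message, as an added example that is not part of the original post: it reads the nameserver and options lines of resolv.conf and queries each server directly, so an unreachable server is reported on its own rather than inferred from application failures. The addresses in SAMPLE are constructed (documentation range) and the function names are this example's own; it assumes IPv4 nameservers reached over UDP.

```python
import socket
import struct

# Constructed sample; on a real host pass the contents of /etc/resolv.conf.
SAMPLE = """\
search example.com
nameserver 192.0.2.1
nameserver 192.0.2.2
options rotate timeout:2
"""

def parse_resolv_conf(text):
    """Return (nameservers, options); comment lines match neither keyword."""
    servers, options = [], {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
        elif fields and fields[0] == "options":
            for opt in fields[1:]:
                name, _, value = opt.partition(":")
                options[name] = int(value) if value.isdigit() else True
    return servers, options

def build_query(name, qid=0x1234, qtype=1):
    """Build a minimal DNS query: RD flag set, one question, class IN."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def classify_reply(data, qid=0x1234):
    """Classify a raw reply as 'answer', 'negative' (NXDOMAIN/no data) or 'error'."""
    if len(data) < 12 or data[:2] != struct.pack("!H", qid):
        return "error"
    flags, _, ancount = struct.unpack("!HHH", data[2:8])
    rcode = flags & 0x000F
    if not flags & 0x8000 or rcode not in (0, 3):  # not a response, or SERVFAIL etc.
        return "error"
    return "answer" if rcode == 0 and ancount else "negative"

def probe(server, name, timeout=2.0):
    """Query one nameserver directly, bypassing the resolver's own failover."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            return classify_reply(s.recvfrom(512)[0])
        except OSError:  # timeout, no route, or not an IPv4 address
            return "unreachable"
```

Call `probe(ns, "example.com", options.get("timeout", 5))` for each address returned by `parse_resolv_conf` and alert on any result of "unreachable" or "error".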
