enable DNS

Jeff Vian jvian10 at charter.net
Sun Jun 13 03:11:46 UTC 2004



Kenneth Porter wrote:

> --On Saturday, June 12, 2004 6:50 AM -0500 Jeff Vian 
> <jvian10 at charter.net> wrote:
>
>> The advantage to this approach is if you have several machines on your
>> lan and you use a single caching nameserver, then your other hosts can
>> query your caching nameserver host and aggregate calls to the remote
>> servers while taking advantage of the caching service.
>
>
> On a network with restricted access to the Internet, this makes sense, 
> as you reduce the use of the scare resource, your small pipe. For a 
> machine with a broadband or better connection, you would suffer the 
> cost of the extra hop going through a forwarder if there's a cache 
> miss, which makes performance highly dependent on the characteristics 
> of your forwarder's cache. It also makes you vulnerable to 
> misconfiguration of the forwarder. (Ask Comcast/ATTBI customers about 
> that when it happened a couple years ago for a couple months and 
> screwed up Win2k users. Win2k's client caching resolver locks to the 
> first server returning a reply, and it would randomly lock to ATTBI 
> servers with bad information.) A root hints system removes your 
> forwarders as points of failure. You bypass them and go straight to 
> the authoritative servers for each domain.
>
>
But you also add lots of load to the root servers.  DNS is designed to 
be distributed so the servers are capable of handling the load.  You 
would use at least 2 queries for every dns lookup. (one to the root 
server, one to the authoritative server) and often more.  Your ISPs 
server does caching, and you are likely to get a response that the ISP 
already has in cache, thus no extra load beyond that point and a reply 
with only one query.

Your example is based on an OS with broken/proprietary services anyway, 
and ComCast had the real problem there.  Once the original problem was 
identified and fixed it did not come back AFAIK.

Your approach is like saying that you don't like what your small town 
councilman (ISPs nameserver) is doing so you go the the President of the 
United States (root nameserver) for the correct information.
 

>
>





More information about the fedora-list mailing list