Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: DNS and Authoritative Servers
Special Forums IP Networking DNS and Authoritative Servers Post 302878509 by DGPickett on Friday 6th of December 2013 12:17:39 PM
Old 12-06-2013
Want recursion is a client request attribute. A server can do with 'go ash him' but a basic DNS gethostbyname library routine just wants the final answer. I suppose a DNS server might exist that can be configured to forward requests with recursion wanted. It would have a more meager cache, but if it is sharing a slow connection, it gets a quicker answer from a better connected correspondent DNS server up the chain. An absolute root server (com, net,org) might refuse to do recursion -- they are too busy as it is. Google 'DNS Recursion' and lo and behold, http://technet.microsoft.com/en-us/l.../cc771738.aspx it is an anti-DenialOfService trick to not accept recursive requests. In this case, no simple clients can connect, just other DNS servers, so you need a ring of recursion-enabled DNS servers around your simple clients. A caching no-domain DNS server is a nice thing to have as locally as possible, so you can keep asking for the same host (or address or other query) and get a local, cached answer quickly. The DNS service to support your domain (or your addresses in their pseudo domain) is really a completely separate function from a DNS server to answer queries about other domains. Caching is a dual edged sword, though, as it can be poisoned. Hackers send an unsolicited packet with bad information as if responding to a request, and the DNS server accepts and saves it. That seems a worse problem then Denial Of Service from queries to domains with infinite loops of redirection.

If there are no cache hits, a query, recursive or not, will eventually go to the authoritative source. However, any DNS server on your query's path may have a non-authoritative answer in cache to any of the multiple queries needed to finally answer your query: a.b.c.d may go to d, c.d, b.c.d to get a.b.c.d in the end.
Last edited by DGPickett; 12-06-2013 at 01:24 PM..
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

How can I use DNS Server to Load Balancing my Web Servers ??

Anyone can give me some idea about DNS Server Configuration that I want to load balancing my Web Servers . (1 Reply)
Discussion started by: ottobian
1 Replies

2. UNIX for Dummies Questions & Answers

DNS servers

I am supposed to setup a Domain Name Server, and I don't really know how to do this, can someone either help me, or point me in the direction of a site that has a good explination of how to do this. Thanks, Ronnie (5 Replies)
Discussion started by: ignus7
5 Replies

3. AIX

Dns Servers

My only question is Can we have two auteritative Name servers for a single domain? Just a question. (1 Reply)
Discussion started by: vjm
1 Replies

4. AIX

Servers still querying old DNS server?

Hello, I've created new DNS servers and changed all of the clients /etc/resolv.conf to point to them, but when I check the old DNS logs, I see that the clients are still querying it. Does anybody know why? thanks, (2 Replies)
Discussion started by: ctcuser
2 Replies

5. IP Networking

Select DNS Servers depending on the domain

Hello, I'm using CentOS 5.3, and I connect to a VPN in order to work. The problem is that I'm constantly accessing things on the local network and the remote network. But once I'm connected to the VPN I can't access local addresses by name, I have to use the ip-address. What I'd like is to... (4 Replies)
Discussion started by: martincastell
4 Replies

6. UNIX for Advanced & Expert Users

DNS server choice: Windows DNS vs Linux BIND

I'd like to get some opnions on choosing DNS server: Windows DNS vs Linux BIND comparrsion: 1) managment, easy of use 2) Security 3) features 4) peformance 5) ?? I personally prefer Windows DNS server for management, it supports GUI and command line. But I am not sure about security... (2 Replies)
Discussion started by: honglus
2 Replies

7. Red Hat

DHCP & DNS - Clients get IP but don't register in DNS

I am trying to setup a CentOS 6.2 server that will be doing 3 things DHCP, DNS & Samba for a very small office (2 users). The idea being this will replace a very old Win2k server. The users are all windows based clients so only the server will be Linux based. I've installed CentOS 6.2 with... (4 Replies)
Discussion started by: FireBIade
4 Replies

8. Linux

Domain registrars & DNS servers

I have read many tutorials on bind and i understand the A,MX, CNAME records. Internally, on a LAN we can install bind and create all these records and we can tell all PC and servers to use this bind as DNS server.that's fine. On the Internet, when we have purchased a valid domain like... (5 Replies)
Discussion started by: coolatt
5 Replies

9. Ubuntu

Network Manager not setting correct DNS servers

Since a few weeks i use Ubuntu 16 on my laptop: # uname -a Linux xxxx 4.8.0-52-generic #55~16.04.1-Ubuntu SMP Fri Apr 28 14:36:29 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux Because i want to use a custom name server i set the properties in the "Edit Connections" dialogue to the following: ... (2 Replies)
Discussion started by: bakunin
2 Replies

LEARN ABOUT DEBIAN

testmxlookup

TESTMXLOOKUP(1) 					      Double Precision, Inc.						   TESTMXLOOKUP(1)

NAME

       testmxlookup - Look up mail relays for a domain

SYNOPSIS

       testmxlookup [@ip-address] [--dnssec] [--udpsize n] {domain}

DESCRIPTION

       testmxlookup lists the names and IP addresses of mail relays that receive mail for the domain. This is useful in diagnosing mail delivery
       problems.

       testmxlookup sends a DNS MX query for the specified domain, followed by A/AAAA queries, if needed.  testmxlookup lists the hostname and the
       IP address of every mail relay, and its MX priority.

   DIAGNOSTICS
       The error message "Hard error" indicates that the domain does not exist, or does not have any mail relays. The error message "Soft error"
       indicates a temporary error condition (usually a network failure of some sorts, or the local DNS server is down).

   OPTIONS
       @ip-address
	   Specify the DNS server's IP address, where to send the DNS query to, overriding the default DNS server addresses read from
	   /etc/resolv.conf.

	   "ip-address" must be a literal, numeric, IP address.

       --dnssec
	   Enable the DNSSEC extension. If the DNS server has DNSSEC enabled, and the specified domain's DNS records are signed, the list of IP
	   addresses is suffixed by "(DNSSEC)", indicating a signed response.

	   This is a diagnostic option. Older DNS servers may respond with an error, to a DNSSEC query.

       --udpsize n
	   Specify that n is the largest UDP packet size that the DNS server may send. This option is only valid together with "--dnssec". If
	   "--dnssec" always returns an error, try "--udpsize 512" (the default setting is 1280 bytes, which is adequate for Ethernet, but other
	   kinds of networks may impose lower limits).

SEE ALSO

       courier(8)[1], RFC 1035[2].

AUTHOR

       Sam Varshavchik
	   Author

NOTES

	1. courier(8)
	   [set $man.base.url.for.relative.links]/courier.html

	2. RFC 1035
	   http://www.rfc-editor.org/rfc/rfc1035.txt

Courier Mail Server						    11/18/2011							   TESTMXLOOKUP(1)
All times are GMT -4. The time now is 02:29 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy