Re: resolver doesn't see resolv.conf changes
- From: Chuck Swiger <cswiger@xxxxxxx>
- Date: Sat, 08 Apr 2006 09:54:42 -0400
Ulrich Spoerlein wrote:
Lyndon Nerenberg wrote:The solution is to run a local caching nameserver instance. You should do this anyway, for performance reasons. Add 'named_enable="YES"' to /etc/rc.conf, and modify your /etc/dhclient.conf as follows:
Good idea, but this defeates the hierarchical purpose of DNS. Now my
caching DNS is always querying the root DNS servers.
Yes, and is actually sending valid queries driven by a human trying to do something useful. Serving legitimate traffic isn't a problem for the root nameservers, but you could always set up a forwarder line to use the local ISP's nameserver first.
[ The root nameservers are seeing upwards of 90% bogus queries (ie, invalid queries, misplaced assertions from DNS servers claiming to be root nameservers themselves, Kaspersky-style DoS attacks, etc). ]
And there might be ISPs who disallow outgoing DNS connections to
somewhere else than their own DNS servers.
There are people offering "walled gardens" which prevent normal Internet access but provide some limited services; such aren't really "ISP"s, though.
--
-Chuck
_______________________________________________
freebsd-stable@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@xxxxxxxxxxx"
- References:
- resolver doesn't see resolv.conf changes
- From: Ulrich Spoerlein
- Re: resolver doesn't see resolv.conf changes
- From: Lyndon Nerenberg
- Re: resolver doesn't see resolv.conf changes
- From: Ulrich Spoerlein
- resolver doesn't see resolv.conf changes
- Prev by Date: Re: rpc.lockd brokenness (2)
- Next by Date: Re: sio+acpi woes on HP DL145
- Previous by thread: Re: resolver doesn't see resolv.conf changes
- Next by thread: Re: resolver doesn't see resolv.conf changes
- Index(es):
Relevant Pages
|
