[sf-lug] resolver problem

Rick Moen rick at linuxmafia.com
Mon Aug 27 11:06:29 PDT 2012


Quoting Alex Kleider (a_kleider at yahoo.com):

> Daniel G was kind enough to spend a lot of time with me at last
> Monday's LUG meeting troubleshooting this problem.  In the end he
> concluded that for reasons never made clear, resolver requests were
> being sent out using TCP instead of UDP and some servers honored that
> and some stuck to the rules and did not.  Changing /etc/resolv.conf
> to point to a server that did seemed to solve the problem (or should I
> say, 'circumvent' the problem, if that is indeed what it was. I can no
> longer reproduce the problem so can not investigate further.)

Yes, but why outsource DNS at all, in the first place?

You can run a full-service recursive nameserver of your own on just
about anything, it completely avoids problems such as the one you 
cite above, it doesn't take much in the way of machine resources, and
it pretty much runs itself.  (There's nothing really requiring
administration.)

I can understand people wanting to outsource their authoritative DNS on
grounds of administrative headache (though I do not concur), but
outsourcing recursive DNS seems a bit silly.

(Software?  Your choice of Unbound, PowerDNS Recursor, BIND9, Deadwood,
dnscache.)
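
Added example, not part of the original message: one way to check the TCP-versus-UDP symptom described in the quoted text is to send the same query to a resolver over both transports and compare the outcomes. The function names, the IPv4-only UDP socket, port 53 and the default server and name are assumptions of this sketch.

```python
import socket
import struct
import sys

def build_query(name, txid=0x1234, qtype=1):
    """Encode a one-question DNS query (RD flag set, class IN, default type A)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = [p.encode("ascii") for p in name.rstrip(".").split(".") if p]
    qname = b"".join(bytes([len(p)]) + p for p in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def frame_tcp(msg):
    """DNS over TCP puts a 2-byte big-endian length before each message."""
    return struct.pack("!H", len(msg)) + msg

def parse_header(resp):
    """Pull out the header fields needed to judge a reply."""
    if len(resp) < 12:
        raise ValueError("short or empty DNS message")
    txid, flags, _qd, answers = struct.unpack("!HHHH", resp[:8])
    return {"id": txid, "tc": bool(flags & 0x0200),
            "rcode": flags & 0x000F, "answers": answers}

def probe(server, name, timeout=3.0):
    """Ask the same question over UDP and TCP and report each outcome."""
    query, result = build_query(name), {}
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:  # IPv4 only
            s.settimeout(timeout)
            s.sendto(query, (server, 53))
            result["udp"] = parse_header(s.recvfrom(4096)[0])
    except (OSError, ValueError) as exc:
        result["udp"] = "failed: %r" % (exc,)
    try:
        with socket.create_connection((server, 53), timeout) as s, s.makefile("rb") as f:
            s.sendall(frame_tcp(query))
            length = int.from_bytes(f.read(2), "big")  # empty read -> 0 -> ValueError
            result["tcp"] = parse_header(f.read(length))
    except (OSError, ValueError) as exc:
        result["tcp"] = "failed: %r" % (exc,)
    return result

if __name__ == "__main__":
    server = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    print(probe(server, sys.argv[2] if len(sys.argv) > 2 else "example.com"))
```

A server that answers over UDP but shows `failed` for TCP matches the behaviour described in the quoted text; a UDP reply with `tc` set is the usual reason a resolver retries over TCP.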




