[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [afnog] Red Hat 8.0 as a router

To: Daniel Obuobi <dobuobi at yahoo.com>
Subject: Re: [afnog] Red Hat 8.0 as a router
From: Brian Candler <B.Candler at pobox.com>
Date: Fri, 15 Aug 2003 20:56:45 +0100
Cc: Stephane Bortzmeyer <bortzmeyer at nic.fr>
Cc: afnog at afnog.org
Content-Disposition: inline
Content-Type: text/plain; charset=us-ascii
Delivered-To: afnog-archive at lists.eahd.or.ug
Delivered-To: afnog at afnog.org
In-Reply-To: <20030815191628.6403.qmail at web14206.mail.yahoo.com>
List-Archive: <http://listserv4.cfi.co.ug/pipermail/afnog>
List-Help: <mailto:afnog-request at afnog.org?subject=help>
List-Id: The AfNOG general discussion list <afnog.afnog.org>
List-Post: <mailto:afnog at afnog.org>
List-Subscribe: <http://listserv4.cfi.co.ug/mailman/listinfo/afnog>,<mailto:afnog-request at afnog.org?subject=subscribe>
List-Unsubscribe: <http://listserv4.cfi.co.ug/mailman/listinfo/afnog>,<mailto:afnog-request at afnog.org?subject=unsubscribe>
References: <Pine.LNX.4.44.0308132330430.23328-100000 at sleekfreak.ath.cx><20030815191628.6403.qmail at web14206.mail.yahoo.com>
Sender: afnog-bounces at afnog.org
User-Agent: Mutt/1.4.1i

On Fri, Aug 15, 2003 at 12:16:28PM -0700, Daniel Obuobi wrote:
> Please what is the main difference between the
> installing dns to do resolving and one to be an
> authoritative sever. Are they no installed the same
> way?

Kind of, but it is better to configure them differently:

- an authoritative server should have recursion turned off. This prevents it
being used as a cache, minimises CPU load, and ensures that its RAM usage
is minimal.

- a caching server should be configured with recursion on but only answering
queries from your own IP ranges, to prevent it doing work for other people
on the Internet. It needs to have lots of RAM.

- keeping the boxes separate makes scaling *much* easier, and also prevents
problems when domains are transferred (your cache won't be polluted with
stale information)

This is the advice for an ISP environment, and if you are authoritative for
hundreds or thousands of domains it's really important.

OTOH if this is just some little office system, then one box doing both jobs
will be OK, and indeed if you don't have your own domain (or if your
upstream ISP hosts it for you) then you don't need an authoritative
nameserver at all, just a cache.

Cheers,

Brian.
__________________________________________________
This is the Africa Network Operators' Group(AfNOG) 
technical discussion list.
The AfNOG website is: <http://www.afnog.org>

Follow-Ups:
- Re: [afnog] Red Hat 8.0 as a router
  - From: Daniel Obuobi <dobuobi at yahoo.com>

References:
- Re: [afnog] Red Hat 8.0 as a router
  - From: shogunx <shogunx at sleekfreak.ath.cx>

Prev by Date: [afnog] Oposite of VPN ?
Next by Date: Re: [afnog] Red Hat 8.0 as a router
Prev by thread: Re: [afnog] Red Hat 8.0 as a router
Next by thread: Re: [afnog] Red Hat 8.0 as a router
Index(es):
- Date
- Thread