[Gllug] DNS

Ian Northeast ian at house-from-hell.demon.co.uk
Tue Nov 13 20:07:56 UTC 2001


Chris Ball wrote:
> 
> On Tue, 2001-11-13 at 11:07, Paul Brazier wrote:
> > In the DNS Howto it gives a sample "root.hints" file that lists the root
> > nameservers. They are named A to M but listed in a strange order. I
> > thought the order didn't matter, so wouldn't it make more sense to have
> > them in alphabetical order, then it would be clearer to see if one was
> > accidentally missing.
> 
> The root servers are all over the planet.  Assuming that the order
> /does/ matter, and that they're interrogated according to their order in
> the file, it would make sense to order them according to geographical
> distance.
> 
> > When I resolve a domain name does it select one of these root
> > nameservers at random which then sends the request on to a second level
> > nameserver (if one exists for that domain)?
> 
> No, the root servers are rarely involved.  When you resolve a domain
> name, you're talking to your ISP or network's nameserver, which has got
> its information from a number of other nameservers, leading - at some
> point - back to the root servers.  This is why a DNS change on a domain
> name will take some hours to propagate; it needs to make its way from
> the root servers all the way down to your local network.

This is only true if you use the ISP's servers. If you do, you are
unlikely to have a root hints file at all, unless you run a hybrid
forwarding/caching server - which is certainly possible (basically you
refer all queries to your ISP, and if it doesn't respond quickly enough,
you do it yourself).

If you are running a caching server, you will query a root server which
will then refer you to a second level server and so forth. Note that the
root server refers you to the second level server - it does not refer to
it itself. This is a non-recursive query. Nameservers make non-recursive
queries, and resolvers recursive ones (in general). Most nameservers,
except the ones provided by ISPs for their customers' use, do not
respond to recursive queries. You have to set your caching server up to
do so of course (which is the default). Of course all nameservers cache,
so many queries do indeed not go to the roots. If you just looked up
x.com, then you look up y.com, your nameserver knows where the servers
are for .com so it doesn't ask again.

The order of the file does not matter. If you obtain it by FTP, it will
be in order A to M. If you obtain it by dig from a root server, the
order will be random. The order of records in a domain is not
significant so nameservers do not present results in any particular
order. Presumably the author of the howto used dig.

The file is only used when bind loads. The first few times it needs to
refer to the roots, it queries them in random order, and remembers the
response times. Thereafter, it queries the fastest. This usually means
that it will use those which are geographically closest. Periodically it
rechecks to see if the response times have changed, especially if its
"preferred" server gets slower.

This behaviour is specifically a property of bind. Not all nameserver
implementations are so sophisticated. AIUI there are some badly broken
ones around which always prefer a.root-servers.net, with the result that
it is about twice as busy as the rest. This should not be the case.

Regards, Ian

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
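
The referral-following described in the message above, as an added example that is not part of the original post: a toy caching server sends non-recursive queries, is referred downwards from the root, and remembers which server handles .com so a second lookup skips the root. The server names, zone data and addresses are constructed for illustration, and only referrals (not final answers) are cached.

```python
# Constructed delegation data. Each "server" either holds an answer or refers
# the caller to the server for a more specific zone. Addresses are made up
# (documentation range 192.0.2.0/24).
SERVERS = {
    "root":    {"referrals": {"com.": "com-tld"}, "answers": {}},
    "com-tld": {"referrals": {"x.com.": "ns-x", "y.com.": "ns-y"}, "answers": {}},
    "ns-x":    {"referrals": {}, "answers": {"x.com.": "192.0.2.10"}},
    "ns-y":    {"referrals": {}, "answers": {"y.com.": "192.0.2.20"}},
}

def in_zone(name, zone):
    """True if name is at or below zone, matching on label boundaries."""
    return zone == "." or name == zone or name.endswith("." + zone)

def query(server, name):
    """Non-recursive query: the server answers or refers, it never chases."""
    data = SERVERS[server]
    if name in data["answers"]:
        return ("answer", data["answers"][name])
    # Prefer the most specific delegation the server knows about.
    for zone in sorted(data["referrals"], key=len, reverse=True):
        if in_zone(name, zone):
            return ("referral", zone, data["referrals"][zone])
    return ("nxdomain",)

class CachingResolver:
    def __init__(self):
        self.zone_cache = {".": "root"}  # seeded once, like the hints file
        self.log = []                    # every server we actually queried

    def closest_server(self, name):
        """Start from the deepest zone we already hold a referral for."""
        zones = [z for z in self.zone_cache if in_zone(name, z)]
        return self.zone_cache[max(zones, key=len)]

    def resolve(self, name):
        server = self.closest_server(name)
        while True:
            self.log.append(server)
            reply = query(server, name)
            if reply[0] == "answer":
                return reply[1]
            if reply[0] != "referral":
                return None
            _, zone, server = reply
            self.zone_cache[zone] = server  # remember who serves this zone

if __name__ == "__main__":
    r = CachingResolver()
    print(r.resolve("x.com."), r.resolve("y.com."), r.log)
```
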



