Am 12.08.2016 um 11:07 schrieb Willmann, Robert:
Hi Harald,Do you see other downsides to forwarding?you get the lowest TTL in the whole chain and god beware none of the multi-hop forwarders have a cache hit so it makes it to the last in chain doing then recursion - it's a simple "worst case math"Do you ever have seen a significant issue with this in real life?
frankly i have seen so many problems caused by forwarding at all (at random times websites not reachable due dns errors) and never faced after switched anything to either recursion or authoritative
Some companies I forward queries t, even give back their answers with a TTL of zero
that's not smart to do, even RBL's like Spamhaus have 5 seconds and when you think about a client running in a loop you may understand why it's better have it only once every 5 secods on the DNS server
so there is not even a theoretical difference in the TTL between forwarding and other means of resolution in these cases.
that is not a typical real life case
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
