I have a rather unusual network with a gateway machine that connects to two ISPs: a slower DSL with a static IP and a faster cable (Comcast) with a DHCP IP. The gateway machine runs two instances of BIND (plus the usual firewalling): an authoritative one for a couple of domains (and only those domains!), and a forwarding-only one for use by internal clients (to reduce external DNS requests via the usual caching that BIND provides).
Currently, I forward all outbound DNS via the DSL to the ISP's DNS servers. (I have more confidence in the DSL provider not interfering with DNS than in Comcast.) However, there have been a couple of cases recently when the DSL was not getting beyond their gateway router, which meant that DNS would fail, causing much HTTP(S) to fail even though the cable network was working quite nicely.

So my question is, is it possible to configure my forwarding BIND to have a primary and *secondary* path for sending out DNS queries? As far as I can tell, the "query-source address" option in named.conf only allows one outbound interface to be (implicitly) specified, and I don't want to leave the outbound interface unspecified, as that would defeat monitoring and logging on the specific interface. The "forwarders" option *does* allow multiple DNS servers to be specified, but that doesn't help if the network path is down.

P.S. I suppose I might try something with policy routing, but that was already a nightmare to set up, since I use DSL vs cable based on the source and type (e.g. HTTP, SSH) of the traffic rather than the more common destination.

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users