[CentOS] named server

Steve Huff shuff at vecna.org
Wed May 18 13:19:07 UTC 2005 

On May 18, 2005, at 8:50 AM, Ceg Ryan wrote:

> What is the difference between use forward only+forwarders and
> directly set the nameserver inside resolv.conf ?

resolv.conf is used by the system's name resolution service.  BIND 
doesn't care about the contents of resolv.conf, as it has its own 
mechanism for resolving names (given that that is its primary 
function).

here are several scenarios that may illustrate the difference.

scenario 1 - you have set up a forwarding-only nameserver:

other machines can connect to your machine and ask it to resolve names 
for them.  it will send those queries out to its forwarder, and when 
the responses come back, it will relay those responses to the machines 
that queried it.  (incidentally, this machine's resolv.conf should be 
set up so that it queries itself for name resolution.)

scenario 2 - you have configured an external nameserver in resolv.conf, 
and you're not running BIND:

your machine will not respond to name service queries; however, it will 
still be able to resolve names itself.

scenario 3 - you have set up a forwarding-only nameserver (or any other 
instance of BIND), and you've also configured an external nameserver in 
resolv.conf:

this scenario is somewhat of a landmine.  if other machines are 
depending on your machine for name resolution, but your machine uses 
the system's name resolution service to resolve names, then the 
following conversation can occur when BIND breaks:

User: Hey, I can't resolve www.google.com!  Your nameserver isn't 
responding!
You : Hmm, I just typed "host www.google.com", and it worked fine for 
me.

in a nutshell: resolv.conf and BIND have very little connection.  if 
your nameserver is using a name resolution service other than itself, 
it can be easy to overlook DNS problems.  if you're running a 
nameserver, its resolv.conf should point to itself (unless you have 
some special circumstance that requires otherwise).

does this make sense?

-steve

---
If this were played upon a stage now, I could condemn it as an 
improbable fiction. - Fabian, Twelfth Night, III,v

More information about the CentOS mailing list