Re: help with BIND SRV

[Nate Duehr <nate@natetech.com>]

Fraser Campbell wrote:

> On Thursday 07 October 2004 22:23, Nate Duehr wrote:
>
>  
>
> > - They don't understand that there might be multiple DNS servers between
> > their top-level and the machine they're servicing (3X and 4X TTL)
> >    
>
> Let's say that I have my local (desktop if you prefer) resolver (which I'll 
> call A is pointed to a caching nameserver B.
>
> Caching nameserver B forwards all of it's DNS requests to their ISP's larger 
> caching server C.
>
> Caching server C makes queries to the appropriate authoritative server D.
>
> So the DNS query goes:
>
>  A->B->C->D
>
> D replies to C with a record having TTL of 3600.  C forwards request to B, B 
> gives answer to A ... TTL 3600.
>
>  
You're talking about forwarding... like using the "forwarders" statement 
in Bind. 

I was talking about sites that have "done it wrong" (my opinion, and 
probably yours too - it's just not right...) so to speak, and are 
forcing port 53 traffic to different places than it was intended to go 
originally.

"Proxying" would be the best phrase I could call it.  Some commercial 
active firewall implementations do something similar.

Nate