>The first nameserver in resolv.conf is the only one that is queried. The >other ones are only queried if the first is down, not when the first >gives a negative answer. I suspect this is a bug in the resolver library. I have seen this bug under a different scenario, but haven't yet filed the bug report. I have 2 dns servers each going out a different gateway. The gateway goes down for ns1 and then next thing I know the whole mail system goes down. Postfix does lots of dns queries when processing the mail. ns2 works just fine but postfix never sees it. Seriously, what is the point of being able to specify a search list that is never used? I agree that it needs to be discussed with ISC bind people. They probably need to fix it. The man page for resolv.conf says this: "Most resolver queries will be attempted using each component of the search path in turn until a match is found." I guess the question is whether a normal query falls into "most". Based on the man page, I think the intention was that the list would be walked until a positive answer was returned. Someone may have optimized the algorithm to where it doesn't meet requirements anymore. What I've done to mitigate the problem is to add a rotate option to resolv.conf. This way 50% of the queries might get answered should a gateway go down. -Steve Grubb __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
