Sat, Mar 26 2005 13:50
DNS ...to forward or not to forward...that 'tis the question
First off I have to explain..I've been doing knock offs of Shakespeare ever since I briefly caught the interview of Denzel Washington on GMA in his role of Brutus in Julius Caesar on Broadway.....the “To Be or not To Be“ is from Hamlet anyway....we now return you back to the blog....
DNS ...to forward or not to forward...that 'tis the question...whether tis nobler in the mind to suffer the slings and arrows of potential DNS poisoning or to merely use root hints.....
uh...sorry...where was I? Oh yeah...
Muffy in the newsgroups indicates that when she ran the Connect to internet wizard that she 'did not' put in any ISP's DNS entries in there where the wizard indicated and the network is resolving to the Internet just fine. Is this okay, she asks?
And yes, indeed as is showcased here it is truly not necessary to put in ISP forwarders...as the built in DNS root hints pick up the ball and just work.
In fact, many are now arguing that we should 'not' put in DNS forwarders anymore due to DNS poisoning attacks. The only thing I have seen that we need sometimes is adjustments to EDNS0 support evidence by not being able to get to some websites.
So next time you are playing around with your test server... try taking out those forwarders...see what happens... you'll probably find like Muffy did that everything magically still works just fine.
P.S. Check out Eric's comments for some items to think about when choosing between forwarding or no forwarding.
Filed under: SBS Installation