[Blink] outbound proxy not used
Luci Stanescu
luci.stanescu at gmail.com
Fri Oct 1 20:50:27 CEST 2010
On 09/29/2010 06:14 PM, Juha Heinanen wrote:
> Adrian Georgescu writes:
>
>> Blink does not use your local resolver, it has his own built-in DNS
>> resolver to solve problems related to broken DNS resolvers that are
>> unable to resolve SRV and NAPTR records.
>
> so it requires that all names are on public name servers reachable via
> root dns servers? if so, looks like a limitation in enterprise
> environment. perhaps it would be a good idea to be able to turn off the
> built-in resolver.
Actually, this is not a requirement. Blink doesn't keep a list of root
nameservers, so it asks the local nameserver (i.e. from
/etc/resolv.conf) for the authoritative nameserver of the domain. It
does this by querying for the NS records of a domain, stripping each
label until it gets a result. In your case, that'd mean:
sip.test.fi. IN NS
test.fi. IN NS
fi. IN NS
Once it gets a result, it queries those nameservers for anything else it
might need. In short, this means it should work in your case as well as
long as your nameservers answer the queries correctly. As far as I know,
this is perfectly standard compliant. The only downside to this approach
is that you are effectively bypassing the cache of any resolvers along
the way: that means more queries on the authoritative nameservers;
however, I really doubt this could cause any problems as the number of
queries is really not that big.
--
Luci Stanescu
More information about the Blink
mailing list