Configure BIND with no local domain or forwarders - root servers only

I come from Windows.

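Once the DNS Server role is installed, Windows downloads the list of "root servers", sends queries to one of them, and caches the responses for further use. There are no forwarders here.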

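I want BIND to work the same way: a public DNS server with no local domain and no forwarders. It should just query the root servers and cache the responses.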

I have been searching on Google for 2 days and have read more than 20 tutorials, to no avail.

Answer 1

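There is nothing special to do, because "forwarding" is an extra, specific feature that is not needed for normal operation. Just enable recursion in bind, do not set up any zones in it, and it will be a recursive name server. You may also want to explore simpler alternatives, such as unbound.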

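A recursive name server will perform iterative queries to get the final answer. Forwarding queries is for very specific needs, or for edge cases where you want to share a cache or have a hierarchy of caches.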

See the "DNS Terminology" section in RFC 8499:

Recursive mode:  A resolution mode of a server that receives DNS
  queries and either responds to those queries from a local cache or
  sends queries to other servers in order to get the final answers
  to the original queries. 

Recursive resolver:  A resolver that acts in recursive mode.  In
  general, a recursive resolver is expected to cache the answers it
  receives (which would make it a full-service resolver), but some
  recursive resolvers might not cache.

[..]

Forwarding:  The process of one server sending a DNS query with the
  RD bit set to 1 to another server to resolve that query.
  Forwarding is a function of a DNS resolver; it is different than
  simply blindly relaying queries.

Forwarder:  Section 1 of [RFC2308] describes a forwarder as "a
  nameserver used to resolve queries instead of directly using the
  authoritative nameserver chain".  [RFC2308] further says "The
  forwarder typically either has better access to the internet, or
  maintains a bigger cache which may be shared amongst many
  resolvers."  That definition appears to suggest that forwarders
  normally only query authoritative servers.  In current use,
  however, forwarders often stand between stub resolvers and
  recursive servers.  [RFC2308] is silent on whether a forwarder is
  iterative-only or can be a full-service resolver.
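
A minimal `named.conf` for the setup described in the answer above (recursion on, no zones, no forwarders), added here as an example that is not part of the original answer. The ACL name, the client network and the directory path are assumptions to be replaced with local values.

```conf
// Constructed example: recursive-only BIND 9 resolver.
// No local zones, no forwarders; answers come from iterative
// queries that start at the root servers and are then cached.

// Assumption: the set of clients this resolver should serve.
// 192.0.2.0/24 is a documentation range used as a placeholder.
acl "resolver-clients" {
    localhost;
    192.0.2.0/24;
};

options {
    // Assumption: working directory; the path varies by distribution.
    directory "/var/cache/bind";

    // Act as a recursive name server.
    recursion yes;

    // Clients that may send recursive queries to this server.
    allow-recursion { "resolver-clients"; };

    // Deliberately absent: "forwarders { ... };" and "forward ...;".
    // Without them named never hands a query to another resolver;
    // it follows the delegation chain itself.

    // Validate DNSSEC signatures using the built-in root trust anchor.
    dnssec-validation auto;
};

// Deliberately absent: any "zone" statement.
// With no hint zone defined for ".", BIND 9 falls back to its
// compiled-in list of root servers, so no root hints file is needed.
```

`named-checkconf` can be run against the file to check its syntax before `named` is restarted.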
