On Tue, Mar 12, 2013 at 1:52 AM, Bob Proulx <b...@proulx.com> wrote: > ChadDavis wrote: > > > Why are you overriding the nameserver? If you control the dhcp server > > > then the better option is to have it provide the desired information > > > there instead of having clients override it. > > > > I don't want to override it. I want to add additional nameservers that > > "know" about a domain that I need to resolve. > > It doesn't work that way. Nameservers listed in /etc/resolv.conf are > tried in order. The first one that can be contacted is the one used. > If a contacted nameserver does not know about a name then it is a > negative response. No other nameservers are contacted. > > The reason for listing up to three nameservers is that if one is > offline then it will fall through to the next one. But when the first > one answers then the answer it provides will be authoritative. See >
Ok. I believe you are correct on this behavior, i.e. if I have two DNS nameservers configured, the second one is purely a failover. In other words, if the first one can't resolve a given hostname, it does NOT then consult the second one. The second nameserver is only contacted if the first one is down. This is what I understand you to have said. And I do believe you. But when I try to resolve a hostname that I know isn't valid, it sure looks like the second one is consulted. Here's my output from nslookup on a invalid hostname. chadmichael@heraclitus:~$ nslookup chad-vm2 ;; Got SERVFAIL reply from 10.110.199.20, trying next server Server: 10.110.200.85 Address: 10.110.200.85#53 ** server can't find chad-vm2: SERVFAIL Doesn't this mean that .20 said "I can't resolve that hostname", and this caused a second attempt at my second nameserver .85? This contradicts what I thought you had explained. How does this all relate?
