On Thu, Feb 15, 2001 at 01:13:10AM -0500, Steven T. Hatton wrote:
> In summary, my first question is as follows: what is the default behavior of the clients and DNS servers within my zone with respect to resolutions which go outside of my zone?
Clients are dumb. They can only query a server, and wait for an answer. If the server that was queried cannot provide an answer then the query fails, and the client assumes that the domain does not exist. The server must do all of the work for a client. When a server receives a query, it goes out and queries as many other name servers as needed in order to resolve a domain name. A DNS server first checks its cache for the answer. If the answer is not in cache, or in its authoritative data, then the server queries the root nameservers. Then it queries the TLD name servers, followed by the servers for the specified domain, and so on until it finds the answer. It caches all of this data, but only returns the final IP address to the client. Next time a client queries the server for the same address, the server can respond from cache.

The "forwarders" option in named.conf changes the default behavior above. Basically, if you include a list of servers with the forwarding option, then the server will query them for the answer. The server starts by looking in its cache and authoritative data. If the answer is not there it queries the forwarders. They then do all of the work, and just return the answer to your nameserver. If the forwarders are not available for some reason, then your server falls back on the default behavior that I outlined above.

Finally, there is the "forward-only" option. If this is set, your nameserver will act as a "caching only" nameserver. However, it will not fall back into default behavior if the forwarders are not available. If the forwarders are not available, the query fails.
> My second question is something I believe I should know the answer to, but I have never understood it. This is the 168.117.138.0/24 notation. I believe /24 means the same as a net mask of 255.255.255.0; the 24 indicates the number of bits counting from the left which are masked. 255.255.255.0 base 10 = 11111111.11111111.11111111.00000000 which has 24 '1's. Is this correct?
That is correct.

HTH,
Victor Cardona
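The two forwarding modes described in the reply above, written as a named.conf `options` block. This is an added example, not part of the original message: the forwarder addresses and the directory are placeholders, and it uses the BIND 8/9 spelling `forward only;` for what the reply calls "forward-only".

```conf
// Added example, constructed for illustration.
// 192.0.2.1 and 192.0.2.2 are placeholder forwarder addresses
// (documentation range); substitute your upstream resolvers.

options {
    directory "/var/named";    // assumed working directory

    // Queried when the answer is neither in cache nor in this
    // server's authoritative data.
    forwarders { 192.0.2.1; 192.0.2.2; };

    // "first" (the default once forwarders are listed): if no
    // forwarder answers, fall back to resolving from the root
    // name servers downward.
    forward first;

    // "only": never fall back. If no forwarder answers, the query
    // fails. Use this instead of "forward first" when all outbound
    // DNS must pass through the listed resolvers, for example
    // behind a firewall that blocks direct queries to the Internet.
    // forward only;
};
```

Running `named-checkconf` against the file, where that tool is installed, confirms the syntax before the server is reloaded.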