12 Feb
2012
12 Feb
'12
12:37 a.m.
On Sun, February 12, 2012 12:06 am, Daniel NĂ©ri wrote:
On Sun, Feb 12, 2012 at 00:13, Andy Bennett
<andyjpb(a)ashurst.eu.org>
wrote:
I don't believe such behaviour is particularly widespread, and hence I
would be reluctant to rely upon it in practice. Indeed, RFC2182 is quite
clear on the importance of having reachable DNS even if the referenced
services are affected by the same issue(s) (e.g. if sat on the same box):
-----
3.3. A Myth Exploded
An argument is occasionally made that there is no need for the domain
name servers for a domain to be accessible if the hosts in the domain
are unreachable. This argument is fallacious.
+ Clients react differently to inability to resolve than inability
to connect, and reactions to the former are not always as
desirable.
+ If the zone is resolvable yet the particular name is not, then a
client can discard the transaction rather than retrying and
creating undesirable load on the network.
+ While positive DNS results are usually cached, the lack of a
result is not cached. Thus, unnecessary inability to resolve
creates an undesirable load on the net.
+ All names in the zone may not resolve to addresses within the
detached network. This becomes more likely over time. Thus a
basic assumption of the myth often becomes untrue.
It is important that there be nameservers able to be queried,
available always, for all forward zones.
-----
Mathew
If your MX is down then senders' MX will
generally queue the message and retry for a few days. If DNS is down and
the MX record cannot even be resolved then the mail will bounce
immediately.
This seems to be a common misconception.
A properly implemented MTA must queue and retry also on temporary DNS
lookup errors.