If the multihomed host is local and shares a network or subnet with your host, one of the multihomed host's addresses is "closer." If the multihomed host is remote, you may see better performance using one interface instead of another, but often it doesn't matter much which address is used. In days long past, net 10 (the former ARPAnet "backbone") was always closer than any other remote address. The Internet has improved drastically since those days, so you won't often see a marked performance improvement when using one network over another for remote multihomed hosts, but we'll cover that case anyway.
Before we get into address sorting by a name server, you should first look at whether address sorting by the resolver better suits your needs. (See Section 6.1.5, "The sortlist Directive" in Chapter 6, "Configuring Hosts".) Since your resolver and name server may be on different networks, it often makes more sense for the resolver to sort addresses optimally for its host. Address sorting at the name server works fairly well, but it can be hard to optimize for every resolver it services. Resolver address sorting was added in BIND 4.9, though, so if your resolver (not your name server) is older than 4.9 or isn't BIND at all, you're out of luck. You'll have to make do with address sorting at the name server, which was introduced in 4.8.3.
In an uncommon turn of events, the name server's address sorting feature was removed in early versions of BIND 8, primarily because of the developers' insistence that it had no place in the name server. The feature was restored -- and in fact enhanced -- in BIND 8.2. BIND 9.1.0 is the first BIND 9 release to support address sorting.
In Chapter 4, "Setting Up BIND", we mentioned that BIND returns all the addresses for a multihomed host. There was no guarantee of the order in which a DNS server would return the addresses, so we assigned aliases (wh249.movie.edu and wh253.movie.edu for wormhole.movie.edu) to the individual interfaces. If one interface was preferable, you (or more realistically, a DNS client) could use an appropriate alias to get the correct address. You can use aliases to choose the "closer" interface (e.g., for setting up NFS mounts), but because of address sorting, that's not always necessary.
BIND 4 servers, by default, sort addresses if one condition holds: if the host that sent the query to the name server shares a network with the name server host (e.g., both are on network A), then BIND sorts the addresses in the response. How does BIND know when it shares a network with the querier? It knows because when BIND starts up, it finds all the interface addresses of the host it's running on. BIND extracts the network numbers from these addresses to create the default sort list. When a query is received, BIND checks whether the sender's address is on a network in the default sort list. If it is, then the query is local and BIND sorts the addresses in the response.
In Figure 10-3, let's assume that there is a BIND 4 name server on notorious. The name server's default sort list would contain network A and network B. When spellbound sends a query to notorious looking up the addresses of notorious, it gets an answer back with notorious 's network A address first. That's because notorious and spellbound share network A. When charade looks up the addresses of notorious, it gets an answer back with notorious 's network B address first, because both hosts are on network B. In both these cases, the name server sorts the addresses in the response because the hosts share a network with the name server host. The sorted address list has the "closer" interface first.
As you can see, you benefit by running a name server on each network; not only is your name server available if your router goes down, it also sorts addresses of multihomed hosts. Because the name server sorts addresses, you do not need to specify aliases for NFS mounts or network logins to get the best response.
The sortlist arguments are appended to the default sort list. With this sortlist directive, the sort list on terminator.movie.edu now contains networks 192.249.249/24 and 10/8. Now, when a user on terminator.movie.edu queries the name server on terminator.movie.edu and the name server sorts the response because the query is local, the name server will check for addresses on the 192.249.249/24 network and place them first in the response. If there are no addresses on 192.249.249/24, it will check for 10/8 addresses and place them first in the response. This solves the problem we described earlier; now when reanimator.movie.edu is looked up, its address on network 10/8 will be placed first in the response.sortlist 10.0.0.0
sortlist 10.0.0.0 26.0.0.0
The sortlist substatement takes an address match list as an argument. Unlike address match lists used as access control lists, though, sortlist 's has a very specialized interpretation. Each entry in the address match list is itself an address match list with either one or two elements.
If an entry has only one element, it's used to check the IP address of a querier. If the querier's address matches, then the name server sorts addresses in a response to that querier so that any addresses that match the element are first. Confusing? Here's an example:
The only entry in this sort list has just one element. This sort list sorts addresses on the network 192.249.249/24 to the front of responses to queriers that are also on that network.options { sortlist { { 192.249.249/24; }; }; };
If an entry has two elements, the first element is used to match the IP address of a querier. If the querier's address matches, the name server sorts addresses in a response to that querier so that any addresses that match the second element come first. The second element can actually be a whole address match list of several elements, in which case the first address added to the response is the one that matches first in the list. Here's a simple example:
This sort list applies to queriers on 192.249.249/24 and sends them addresses on their own network first, followed by addresses on 192.253.253/24.options { sortlist { { 192.249.249/24; { 192.249.249/24; 192.253.253/24; }; }; }; };
The elements in the sort list specification can just as easily be subnets or even individual hosts:
options { sortlist { { 15.1.200/21; // if the querier is on 15.1.200/21 { 15.1.200/21; // then prefer addresses on that subnet 15/8; }; // or at least on 15/8 }; }; };