In message <[EMAIL PROTECTED]>, Nicholas F Mille
r writes:
> I have a couple of questions regarding how a Microsoft domain
> controller updates a dynamic zone.
>
> 1 ) When a domain controller tries to update the zone does it try the
> DNS servers it has listed in its network settings or does it follow
> the SOA for the zone?
There are knowledge base article which describe this fully.
I suggest that you search the Microsoft knowledge base for
the complete answer.
> 2) In the configs below does the slave server's IP need to be listed
> in the allow-update declaration on the master zone server?
>
> Master Server - 1.2.3.4
>
> zone "actived.example.com" {
> type master;
> file "named.ad";
> allow-update {
> 1.2.3.4; // master DNS server
> 11.22.33.44; // domain controller 1
> 55.66.77.88.99; // domain controller 2
> };
> allow-transfer {
> 5.6.7.8 // slave DNS server;
> };
> };
>
> Slave Server - 5.6.7.8
>
> zone "actived.example.com" {
> type slave;
> file "named.ad";
> allow-update-forwarding {
> 11.22.33.44; // domain controller 1
> 55.66.77.88.99; // domain controller 2
> };
> allow-transfer { none; };
> masters {
> 1.2.3.4 // master DNS server
> };
> };
As you are allowing updates based on IP address, then yes, you
need to specify the update forwarders address. If you were using
TSIG then you don't need to as the signed message will be forwarded.
Mark
> Thanks,
> ________________________________________________________
> Nicholas Miller, ITS, University of Colorado at Boulder
>
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED]
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
