Hi, I have several internal DNS servers, one of which is a hidden master for external zones. The nameserver listed in the SOA RR is in a DMZ. The internal DNS servers forward all queries for non-authoritative zones to a DNS server in the DMZ that will perform recursive queries, but the internal nameservers are restricted from sending queries or notifications to outside nameservers (and even if they were, it's unlikely that a third-party slave would accept notifies from anything but the master as listed in the SOA RR). What is the recommended method to configure DNS notify for the internal hidden master? I recognize that I can specify 'notify-to-soa yes;' in the view statement (in which all of these zones are placed; or in individual zone statements), but that will still result in attempted notification to all of the other NS RRs for the zone. I'd prefer that the hidden master notify the NS listed in the SOA RR, and that nameserver issue notification to all of the other NS RRs after it has pulled the zone(s). Will 'notify-to-soa yes;' still initiate a notification even if I turn off notify via 'notify no;'?
TIA! _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
