On 15/11/2011 12:50, Jeremy MAURO wrote:
> I am asking you all for your best practice regarding your internal DNS and
> zones.
>
> I have 2 DNS servers used as Internal DNS and Resolvers, here is the
> dilemma, should I declare in each internal zone my NS with a glue record:
>
> $ORIGIN example.internal.
> ; NS records
>         IN NS ns1
>         IN NS ns2
> ns1     IN A 10.10.10.10
> ns2     IN A 10.10.10.11
>
>
> Or should I point toward the NS server from my principal zone:
>
> $ORIGIN example.internal.
> ; NS records
>         IN NS ns1.principal.internal.
>         IN NS ns2.principal.internal.
>
>
> Which one of those 2 samples is the best one and the closest to the
> RFCs? As far as I know, the second sample should be the best one since
> the RFC 1912 says "Some people get in the bad habit of putting in a glue
> record whenever they add an NS record 'just to make sure'."
>
> Any opinion is approached.

If you've already got A (and PTR) records set up for your nameservers,
then there's no advantage to adding more A records in each zonefile.
Especially given that all those zones are served from the same set of
authoritative servers.

Having one A record for each nameserver makes it much easier if you ever
need to renumber the server. In a more complex setup with different
zones distributed over various different sets of internal servers,
having a unique A record for each server makes it much clearer which
server is actually serving which zone.

Cheers,

Matthew

--
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
JID: matt...@infracaninophile.co.uk               Kent, CT11 9PW

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
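
A lint for the "one A record for each nameserver" advice in the reply, as an added example that is not part of the original thread: it reports nameserver addresses published under more than one name (each one a separate edit when renumbering) and NS targets with no A record in the loaded zones. It parses only the zone-file subset shown in the question; the zone contents, the `other.internal.` zone and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: two zones carry their own ns1/ns2 A records, a third reuses principal's names.
PER_ZONE = "$ORIGIN {z}\n  IN NS ns1\n  IN NS ns2\nns1 IN A 10.10.10.10\nns2 IN A 10.10.10.11\n"
ZONES = [PER_ZONE.format(z=z) for z in ("principal.internal.", "example.internal.")] + [
    "$ORIGIN other.internal.\n; NS records\n  IN NS ns1.principal.internal.\n"
    "  IN NS ns2.principal.internal.\n"]

def absolute(name, origin):
    """Expand '@' and relative names against the current $ORIGIN."""
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text):
    """Yield (owner, type, rdata) for the zone-file subset shown in the thread (no TTLs, no SOA)."""
    origin = owner = None
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()    # drop comments, then tokenise
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
            owner = owner or origin              # assumption: a leading blank owner means the apex
            continue
        if not raw[0].isspace():                 # owner field present; otherwise inherit the last one
            owner = absolute(fields.pop(0), origin)
        if fields[0].upper() == "IN":
            fields.pop(0)
        rtype, rdata = fields[0].upper(), fields[1]
        yield owner, rtype, absolute(rdata, origin) if rtype == "NS" else rdata

def audit(zones):
    """Return (IPs published under several nameserver names, NS targets with no A record)."""
    ns_targets, addrs = set(), defaultdict(set)
    for text in zones:
        for owner, rtype, rdata in parse_zone(text):
            if rtype == "NS":
                ns_targets.add(rdata)
            elif rtype == "A":
                addrs[owner].add(rdata)
    names_by_ip = defaultdict(set)
    for ns in ns_targets:
        for ip in addrs.get(ns, ()):
            names_by_ip[ip].add(ns)
    duplicated = {ip: sorted(n) for ip, n in names_by_ip.items() if len(n) > 1}
    return duplicated, sorted(ns_targets - set(addrs))

if __name__ == "__main__":
    print(audit(ZONES))
```

On the sample data both addresses are flagged, because `example.internal.` repeats the A records that `principal.internal.` already holds; `other.internal.` adds nothing to maintain.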