In article <mailman.1077.1358370123.11945.bind-us...@lists.isc.org>, Chuck Swiger <cswi...@mac.com> wrote:
> On Jan 16, 2013, at 12:40 PM, Dave Warren wrote: > > Is there anything technically wrong with having a SOA MNAME field that > > isn't listed as a NS record? > > Sure. The SOA MNAME is expected to be the "primary master" nameserver for > the zone; it's where things like dhcpd and such send dynamic updates for the > zone to. But that doesn't mean it should be the server for resolver queries. > > > The server listed as MNAME will host the zone and is authoritative for the > > zone, but out of latency concerns it isn't ideal to have other resolvers > > querying this server. > > Okay...so why would you use that nameserver at all, then? > > Choose a nameserver which is suitable for other resolvers to query for your > master. The master could be behind a firewall that only allows the published nameservers to connect to it. The performance requirements of a nameserver that serves public queries are different from a server that only has to respond to zone transfer requests from the published nameservers. > > Various online DNS diagnostic tools throw warnings, but as far as I can > > tell from the RFCs, this is a valid configuration. Is it valid? Are there > > any operational gotchas to be aware of or can I ignore the "warnings"? Consider this a sanity check, in case you intended to list one of the NS records but made a typo, not a validity check. -- Barry Margolin Arlington, MA _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
