Hi Tony/Chris,

Thanks for the suggestion and pointers.

At this stage, my network design is still very fluid. However, the basic architecture constraints call for at least three racks of servers. Each is served by a TOR switch. One of the servers in each rack is dedicated to DHCP/DNS services so there will be three of them at least. Each rack potentially is a subnet or VLAN by itself. Every other server in each rack should be able to reach any other server in the whole cluster. All names and addresses are internal private ones.

Questions are:

1. Does it make sense to have one DNS zone for the cluster?
2. Does it make sense to have one master authoritative DNS server and two other slaves to cover the cluster and meet the HA requirement?

Thanks.

David

On Tue, Jan 19, 2016 at 10:14 AM, Chris Buxton <cli...@buxtonfamily.us> wrote:
> On Jan 16, 2016, at 9:33 PM, David Li <dlipub...@gmail.com> wrote:
>>
>> Hi,
>>
>> I am new to BIND. I am researching for a DNS server that can meet a
>> list of requirements to be used in a distributed system. They are:
>>
>> 1. Security (DNSSEC)
>> 2. High Availability (HA)
>> 3. Service Discovery (DNS-SD)
>
>
> Hello David,
>
> I think you’ll find 1 and 3 are easy to find. For 2, it depends on what you
> mean. Tony Finch has already given you several excellent options covering
> most of the use cases.
>
> The one thing that is most difficult is HA for the primary master name
> server, which is the target for dynamic updates and is therefore fairly
> important; even a few minutes of downtime of this server might cause outages
> for DHCP service, for example. There are several commercial offerings that
> include this sort of HA. I work for one of these vendors, BlueCat.
>
> Regards,
> Chris Buxton

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users