On 10/26/2018 01:08 AM, N6Ghost wrote:
maybe its just old habits,
Fair enough. I know that I have plenty of my own old (¿bad?) habits too.
i think its a bad idea to build your infrastructure in a way the needs forward zones to work. not when you can build it with proper delegation.
i just think when building namespaces proper delegation should be used and forward zones should be avoided if you can.
Ah.I see forward zones, and slaving, as tools to help enable restricted environments work. Specifically where there is proper delegation as seen by the larger organization and / or the Internet. I've had a few departments where they were not allowed to access anything outside their network. So their local DNS server (running on a multihomed bastion) would slave or forward zones from the larger organizational namespace. The limitation was imposed by the small department, not an issue with the overall namespace.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
