On Wed, 2016-01-06 at 18:04 +, Darcy Kevin (FCA) wrote:
> I'd just like to note in passing that the "separate authoritative and
> recursive" herd mentality reaches the ultimate point of absurdity
> when you only have 2 servers and you're going to create single points
> of failure (apparently, u
Hi Tony,
Thank you for the suggestions!
On Wed, 2016-01-06 at 16:05 +, Tony Finch wrote:
> * Set up a new hidden master, with copies of your zones. (See below)
>
> * Change your existing servers to slave from the new hidden master
> instead of the old master. Reconfigure the old master to be
On Wed, 6 Jan 2016, Carl Byington wrote:
My zones are currently using algorithm 5 (RSASHA1), with two KSKs and
two ZSKs with overlapping timers. In preparation for updating to
algorithm 8 (RSASHA256), I read:
The bind-users thread "KSK signing all records; NSEC3 algorithm
status?"
https://tool
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
My zones are currently using algorithm 5 (RSASHA1), with two KSKs and
two ZSKs with overlapping timers. In preparation for updating to
algorithm 8 (RSASHA256), I read:
The bind-users thread "KSK signing all records; NSEC3 algorithm
status?"
https:
I'd just like to note in passing that the "separate authoritative and
recursive" herd mentality reaches the ultimate point of absurdity when you only
have 2 servers and you're going to create single points of failure (apparently,
unless I'm misinterpreting "stand alone") to conform to this so-ca
Peter Rathlev wrote:
> We currently have two internal DNS servers that are both authoritative
> for a range of internal zones and caching resolvers for our clients. We
> would like to split this so authorizative and caching roles exist on
> different servers. And we would like to do this with as
We currently have two internal DNS servers that are both authoritative
for a range of internal zones and caching resolvers for our clients. We
would like to split this so authorizative and caching roles exist on
different servers. And we would like to do this with as little down
time as possible, a
7 matches
Mail list logo
