On Thu, Mar 10, 2022 at 7:48 PM Mark Andrews wrote:
>
> To answer your question about what you are overlooking the answer is
“DNSSEC”.
Thank you for the detailed response Mark.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of
I am trying to replicate a working configuration on an older host
that has a caching server that forwards to an Active Directory DNS
server at 172.18.0.2 that is part of a split-brain setup with a public
copy of its zone hosted with Goggle.
When I attempt to resolve a record on the new caching ser
Got around to adding a virtual interface on the production box (I never could
get this
working with keys alone), I had labbed this up previously in reverse of what I
needed
but transfers were broken on the production box when I reversed the views that
contained the master/slave.
The following wo
>Bad decision on the deployment option, IMO. Not sure even what you mean
>by "removed", since it's deeply integrated into all modern networking
>stacks. Either you severely crippled your networking subsystem, or it's
>not as "removed" as you were told it was.
Disabled with all the correct measures
>If one view or the other communicates exclusively with other devices on
>the same link, you could probably get away with using an IPv6 link-local
>address, which is likely already present on your system (if you're
>running a modern OS), and is probably "invisible" to the other apps
>you're running
>What do you mean you can’t have additional IPs? Even if you don’t
>have other network connections you can use virtual IPs on a single
>NIC. I have one server (not DNS) that has 30 virtual IPs on a single NIC.
Well, there is other software I was hoping to avoid reconfiguring if I add a
virtual
I have an RHEL server running Bind 9.7 that needs to have a zone set to master
and
slave between two views. I don't have the luxury of an additional IP, is this
still possible
with a single ip address?
Thanks!
jlc
___
Please visit https://lists.isc.org
>You can have views and separate zone files. You need to plan and it
>helps to read the FAQs at ISC about this.
>
>http://www.isc.org/faq/item/191
Didn't even think about it that way, ok.
>http://www.isc.org/faq/item/182
How does one actually do away with views if that was an approach?
Docs su
>Hm, are you using the same zonefile for both your versions of the zone,
>trying to share it between multiple views? If you are - don't. Views are
>an abomination, giving people plenty of rope to hang themself with AND
>plenty of chances to shoot themselves in the feet :D
Ahh, yes you are right, I
Are there any tunable's to speed up the propagation of dynamic updates between
views without manually freezing and thawing the zone?
Thanks!
jlc
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users
10 matches
Mail list logo
