Have you considered dynamically regenerating view definitions based on your
rules?
If the results of your rules are stable for minutes at a time, it may work.
Regards,
Chris.
2008/12/5 Ken DBA <[EMAIL PROTECTED]>
>
>
>
> --- On Fri, 12/5/08, Kevin Darcy <[EMAIL PROTECTED]> wrote:
>
> > From: K
-- Forwarded message --
From: Chris Dew
Date: 2009/3/20
Subject: Re: No name resolution when slave is down
To: "Dennis J."
Asking the obvious here, but does your domain registrar list both your
master and your slave as authoritative nameservers for your domain?
I would use a #include in the zone file on the internal machine to include
the contents of zone file on the external machine. (NFS mount, or cron'ed
rsync copy.)
You could use views/split horizon dns and run them both off of one server,
but this seems unneeded and nasty.
http://www.finalcog.com/d
You could use the ecrypt fs for the location of the zone data - it
would require a passphrase when bind starts up on the slave - this
could cause trouble if the slave crashes.
In general there is NO way of having encrypted data on a machine AND
having the keys on that same machine AND making it 10
gt; i agree that storing the key and the encrypted data on the same
> machine is useless in security terms. that why i'm looking for a build
> in solution .
> is there's any way the slave server can save the zone in format
> diffent then clear text ?
>
> Thanks
>
>
No, we've had to work around these limitations of axfr/notify, so that
we can take this concern away from our customers.
I would love to find a nice bind-supported way of dealing with
views/axfr/notify, so if you find anything, please let me know.
Thanks,
Chris
http://www.finalcog.com
2009/3/2
IPSEC really isn't too onerous between machines with static IP
addresses just a thought.
2009/3/25 Ram Akuka :
> 2009/3/25 Alan Clegg :
>> Ram Akuka wrote:
>>
>>> Is there's any way I can encrypt the zone transfer date (without using
>>> any third-party encryption tool)?
>>
>> Why exactly do y
You may be interested in using circular buffers, instead of a log file.
http://www.finalcog.com/replace-logs-emlog-circular-buffer
I've used emlog successfully in the past and been very pleased with
it's performance.
Hope this is useful.
Chris.
2009/4/29 Scott Haneda :
> I have read the other
Are there performance increases/decreases involved with using a db in
place of bind's normal zone files?
Is there a sqlite3 backend to bind?
Regards,
Chris.
--
http://www.finalcog.com/
2009/5/4 David Ford :
> I use the DLZ/PG backend and it's rock solid. I use Ant with a few
> modifications
9 matches
Mail list logo
