Re: Primary and Secondary DNS one 1 server...
On Thu, 27 Jan 2000, Robert Waldner wrote:
> ....
> this is probably the best solution because you can take
> all the zones and configuration and simply move it to/fro
> your (then) only server.
>
This is refused by some registries. In Hungary, for example, the
registries only register domains which have two DNS servers on separate
power and network connectivity. The registry checking script even checks
that the two DNSes are on different subnets.
This most certainly does not satisfy all requirements.
A much preferrable setup is:
Have a master server and two or more slave servers.
Publish the slave servers as DNS server for the registry.
Have the slave servers download the zones from the master server.
You can move the master server anywhere on any machine, without bothering
the registry, you only need to modify the master ip address in
/etc/named.conf.
You can setup another slave DNS server with a pasting of the necessary
zone entries into /etc/named.conf and reloading it.
They don't know where your data resides, hence they have a much harder
challenge to insinuate data into the DNS servers.
The master dns server can be a small machine since it will have almost no
traffic.
Of course if you have one machine, this is problematic.
Robert Varga
Reply to: