"Hidden" masters/primary.

Barry Margolin barmar at bbnplanet.com
Wed Oct 6 19:39:03 UTC 1999


In article <37FB9819.4A01CD09 at centergate.com>,
Rodney Joffe  <rjoffe at centergate.com> wrote:
>A number of people seem to be using so-called "hidden" masters, that do
>transfers to the nameservers that are actually listed in the tld servers
>(i.e. the master is not listed anywhere publically).
>
>Someone has suggested that this "breaks" the rfc. I don't see it.

Someone in this group, or some colleague of yours?  We're making extensive
use of hidden primaries.

>Is anyone aware of something that bind may have that gets upset at this?
>Or does it in fact break something? Or is it maybe mentioned in a "best
>practices" document?

There was a version of BIND that complained if the server listed in the SOA
record wasn't also listed in the NS records.  I think it was BIND 8.1, and
the check was removed in 8.1.1.

If you don't list the primary master in the SOA record, dynamic update
won't work, since it sends the updates to the server in the MNAME field.
If you're using a hidden primary, it should still be safe to list the
hidden primary in the SOA record.  Only the NS records are important in
classifying a server as hidden or not.

-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.


More information about the bind-users mailing list