Split Brain and Authoritativeness (Problems)

Stephen Holmes sholmes at atlan-tech.com
Wed Oct 13 07:34:14 UTC 1999


I'm having problems running DNS since an architecture overhaul.
I wonder if anybody would be so good as to point me at a source of
advice.

Here's what I've done, and what seems to be happening.

Our network was re-organised to a split brain scheme which can be
summarised as follows.

All servers are Sun workstations running Solaris 2.5 or 2.6.
Sun's "Standard" version on bind is running on each.

External server, Acts as primary for public addresses and reverse
addresses.
    2 off site secondaries are run off the primary.

Internal servers.
    Primary runs forward and reverse maps for all internal addresses -
some tie in with public stuff, others are private test networks.
    Root map points at the Internet's root servers, so off site queries
get resolved.

    Secondaries load internal maps from the primary, but also refer
other queries to the Internet's root servers.

    Secondaries on the private test networks load internal maps from the
internal primary, but have their own


This all ran OK for a while, after which, various maps seem to have
stopped propagating to their secondaries.
    Al maps on the primary server look to be OK.
    None of the forward maps are published on the main internal
secondaries.
    The reverse maps appear to still be functioning quite happily.

I suspect this is something to do with the root server not being
authoratitive, but don't know how to fix the problem.
The "Root" map on the normal internal servers references the internet
roots.
These know about our external server, but not the internal one (probably
denying it authority as far as most of the secondaries are concerned).

I'd appreciate comments from people who have done this in the past,
also references to information which describes this sort of
configuration.
Finally any comments on how to make my domain authorative would be
exceptionally welcome..


Thanks

Steve Holmes



More information about the bind-users mailing list