Virtual Or Multiple DNS Servers on one computer?

Kevin Darcy kcd at daimlerchrysler.com
Tue Aug 8 22:23:32 UTC 2000


Geoff King wrote:

> A client is wondering if they can run multiple DNS servers on a single
> computer?
>
> Basically they have their main dns server and a client is interested in
> controlling their own DNS server.  Is this possible?

You could do this fairly easily on a multi-homed box, using "listen-on"
directives (along with "pid-file", etc.). Even a box with a single physical
interface can be multi-homed these days using "virtual" interfaces or
"interface aliases".

Of course, security may be a concern here. You may wish to run the
nameserver instances as (presumably different) non-root users, especially
if you're using Dynamic Update; that way, the users can fiddle with the
zone files named writes without needing superuser. Restarting the named
process still requires superuser, but you can use something like "sudo" to
restrict restart ability to only the appropriate users for a particular
instance. Depending on your paranoia level, you may also want to chroot
each instance in a separate area.


- Kevin
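
A sketch of the layout described in the reply above, as an added example that is not part of the original post: one BIND 9 instance per tenant, each bound to its own alias address, run as its own non-root user inside its own chroot, with restart rights limited through sudo. The instance names, user and group names, paths, addresses and the `restart-named` wrapper are all assumptions made for illustration.

```shell
#!/bin/sh
# Added example: per-tenant BIND 9 instances on one host. Every name, path and
# address here is a constructed placeholder, not taken from the post.

# render_instance ROOT NAME ADDR: write a named.conf that binds only ADDR.
# Paths inside the file are relative to the chroot (ROOT/NAME).
render_instance() {
    inst_dir="$1/$2"
    mkdir -p "$inst_dir/etc" "$inst_dir/var/run" "$inst_dir/zones"
    cat > "$inst_dir/etc/named.conf" <<EOF
options {
    directory "/zones";
    pid-file "/var/run/named.pid";
    listen-on { $3; };        // one alias address per instance
    listen-on-v6 { none; };   // otherwise both instances may bind [::]:53
};
controls { };                 // no default rndc channel on 127.0.0.1:953
EOF
}

# privileged_steps ROOT NAME USER: print (do not run) the root-only commands.
privileged_steps() {
    printf 'chown -R %s %s/%s/zones %s/%s/var/run\n' "$3" "$1" "$2" "$1" "$2"
    printf 'named -u %s -t %s/%s -c /etc/named.conf\n' "$3" "$1" "$2"
}

# sudoers_rule NAME GROUP: restart rights for one instance only.
# /usr/local/sbin/restart-named is a hypothetical wrapper script.
sudoers_rule() {
    printf '%%%s ALL=(root) /usr/local/sbin/restart-named %s\n' "$2" "$1"
}

# Demo with constructed values (192.0.2.0/24 is a documentation range).
demo_root=$(mktemp -d)
render_instance "$demo_root" main    192.0.2.10
render_instance "$demo_root" clienta 192.0.2.11
privileged_steps "$demo_root" clienta named-clienta
sudoers_rule clienta dns-clienta
```

The script only writes configuration under a temporary directory and prints the root-only commands, so it can be run unprivileged to review the layout before anything is applied.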




