"Extra" NS on zone file can be used?
Jesus Couto
jesus.couto at innosec.es
Mon Aug 14 09:58:58 UTC 2000
Hi,
Thanks for the answer. The FAQ from where I got that is the
comp.protocols.tcp-ip.domains FAQ that is included into the misc directory
of the bind-doc package; its a little bit old (7 Dec 1996), so maybe its
not on the newer versions of it.
Your idea about giving the hidden master a name that resolves
externally as a public slave sounds interesting, but implies
managing 2 different versions of a public zone file. Dont know if it
would be better to do it the hard way once, by hacking nsupdate or using
the Net::DNS perl modules to implement something like it, to save the
complication of managing 2 copies of a public zone. Unless there is
another very good reason why we shouldnt touch nsupdate; that is, some
strong reason why the NS lookup it does is unavoidable. So far I think
that with a "targeted" nsupdate, we could use the hidden master private
name on the SOA and not list it as a NS, and it would work fine, as all
updates are going to be against the same master, and the nsupdate code
that organizes updates into zones and send them to the corresponding
nameservers is not going to make any difference.
Thanks again,
Jesus Couto F.
More information about the bind-users
mailing list