Primary DNS is NT-based but Want Secondary with Linux

Thor Kottelin thor at anta.net
Wed Feb 2 08:56:02 UTC 2000



BIND Users Mailing List wrote:

> From: Philip Forst <phil80 at netscape.net>

> I am considering setting up a secondary DNS in my office using bind 8.2 with a
> Linux-Mandrake 6.0 box.

> The issue is that the primary DNS is NT-based.  From what I've read, "proper"
> set up a secondary DNS constitutes getting copies of named.conf and the db.*
> (zone files) from the primary and making the appropriate changes in
> named.conf (slave instead of master, et al.).
> 
> Does an NT-based primary DNS have the same files such that bind on a Linux box
> can execute a zone transfer?

IIRC, there's a registry hack that will allow you to control Microsoft DNS
using a configuration file instead of through the NT registry. I don't
know whether it would be possible to turn that file into a proper BIND
named.conf. This is a grey area for me - my Microsoft DNS servers boot
from the registry - so if I was faced with your task, I'd probably write
the named.conf manually (unless there were a large number of domains, in
which case I'd look for a scripted solution).

The zone files will probably be differently named and located, but zone
transfers will still work. Think of it as using ftp on a Linux box to
download files from your NT IIS FTP server - the common protocol makes
this possible.

> Can something like this work without a lot of specialized configuration
> changes or am I looking at a lot of potential problems with this kind of
> setup?  Any voices of experience?

The only frequently occurring problem I have encountered with BIND
secondaries for Microsoft DNS primaries has been the WINS and WINS-R
records. They are Microsoftisms that BIND will choke on, so you need to
configure your Microsoft DNS servers to use WINS information locally only;
this way, those records will never be included in a zone transfer. Of
course, this means that BIND won't be able to use Microsoft's
DHCP/WINS/DNS integration; if necessary, you could work around this by
placing your DHCP clients in a separate subdomain, and not delegating this
subdomain to any non-Microsoft name servers.

Thor

-- 
My PGP public key is available on key servers - please use it!

Powerful, automated web hosting: <http://www.virtualis.com/vr/tkotteli/>
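
Added example (not part of the message above and not BIND's own code): a small Python script for the "scripted solution" case, emitting one `type slave` zone statement per zone for the Linux secondary's named.conf. The zone names, the primary's address 192.0.2.53 and the `db.<zone>` file naming are assumptions made for illustration.

```python
import ipaddress
import re

# One DNS label: letters, digits, "-" and "_", not starting or ending with "-".
LABEL = re.compile(r"[A-Za-z0-9_](?:[A-Za-z0-9_-]{0,61}[A-Za-z0-9_])?")


def normalize_zone(name):
    """Lower-case a zone name, drop the trailing dot, and reject anything
    that could break out of the quoted strings in named.conf."""
    zone = name.strip().rstrip(".").lower()
    if not zone or len(zone) > 253:
        raise ValueError("bad zone name: %r" % name)
    for label in zone.split("."):
        if not LABEL.fullmatch(label):
            raise ValueError("bad zone name: %r" % name)
    return zone


def slave_stanza(zone, master_ip):
    """Return one 'type slave' zone statement for named.conf."""
    zone = normalize_zone(zone)
    master = ipaddress.IPv4Address(master_ip)  # raises ValueError if malformed
    return (
        'zone "%s" {\n'
        "\ttype slave;\n"
        '\tfile "db.%s";\n'
        "\tmasters { %s; };\n"
        "};\n" % (zone, zone, master)
    )


def render(zones, master_ip):
    """Render stanzas for every distinct zone, in sorted order."""
    unique = sorted({normalize_zone(z) for z in zones})
    return "\n".join(slave_stanza(z, master_ip) for z in unique)


if __name__ == "__main__":
    # Constructed sample input: zone names copied by hand from the NT primary.
    sample = ["example.com", "Example.COM.", "2.0.192.in-addr.arpa"]
    print(render(sample, "192.0.2.53"))
```

The output is meant to be appended to a named.conf that already has its `options` block; the zone data itself then arrives by zone transfer from the primary.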



