secondary on different network

Bob Vance bobvance at alumni.caltech.edu
Mon Sep 25 15:09:45 UTC 2000


Well, I think that I found a good reason to add always the NS record for
a slave -- "notify".
The NS for that zone are notified by default if notify is on.
So, I guess, "stealth" severs must be notified by means of an
   "also-notify option"
?
I would point out that the documentation on "notify" in the Boolean
section does not mention this fact, but it *is* mentioned in the "zone"
section discussion of "notify".  Of course, it makes perfect sense,
but, until I saw it there, I was unsure *exactly* how the master knew
which servers to notify.

-------------------------------------------------
Tks        | <mailto:Bob_Vance at sbm.com>
BV         | <mailto:bobvance at alumni.caltech.edu>
Sr. Technical Consultant,  SBM, A Gates/Arrow Co.
Vox 770-623-3430           11455 Lakefield Dr.
Fax 770-623-3429           Duluth, GA 30097-1511
=================================================





-----Original Message-----
From: bobvance at alumni.caltech.edu [mailto:bobvance at alumni.caltech.edu]
Sent: Saturday, September 23, 2000 4:35 PM
To: bind-users at isc.org
Subject: RE: secondary on different network



Nobody addressed this yesterday and I'm not sure that it made it into
the
list, so I'm reposting it.

-------------------------------------------------
Tks        | <mailto:Bob_Vance at sbm.com>
BV         | <mailto:bobvance at alumni.caltech.edu>
Sr. Technical Consultant,  SBM, A Gates/Arrow Co.
Vox 770-623-3430           11455 Lakefield Dr.
Fax 770-623-3429           Duluth, GA 30097-1511
=================================================

-----Original Message-----
From: bob vance
Sent: Friday, September 22, 2000 5:18 PM
To: blst
Subject: RE: secondary on different network


Now, I'm just speaking "theoretically", and in order to try to
understand the technical workings, but ...

>add an NS record for your secondary to make it authoritative.

I was under the impression that adding the NS record, as stated, does
*not* make the secondary authoritative.  The fact that he is a slave
already makes him think that he's authoritative -- if he gets queried,
he'll respond authoritatively.

Out of the box, nothing *has* to be done on the master (primary).
Set up the secondary server as stated by Nitin, and that's enough,
unless
you have some kind of security on the master or on intervening routers
and/or firewalls that won't allow the slave to do an xfer.

The NS record just allows the server in question to be included in the
list of authoritative servers for that sub-domain and thus enables other
servers to find out about him and to query him to handle a recursive
request or to refer non-recursive queries to him.
Of course, this could be a pretty handy thing to have, like, say, on ...
the Internet :)

But in a small, internal network, you might just be adding a secondary
and *could* have the clients list the 2 servers in the resolver
nameserver list and make no change on the primary.  Nobody else might
need to know about the new server.

Not that it's *that* much effort to add the NS record into the zone cut
of the parent and the zone data of the authority -- assuming that you
are
the admin on them.


OK, gurus.  Is there any validity to my above ramblings ?

-------------------------------------------------
Tks        | <mailto:Bob_Vance at sbm.com>
BV         | <mailto:bobvance at alumni.caltech.edu>
Sr. Technical Consultant,  SBM, A Gates/Arrow Co.
Vox 770-623-3430           11455 Lakefield Dr.
Fax 770-623-3429           Duluth, GA 30097-1511
=================================================





-----Original Message-----
From: news at uunet.ca [mailto:news at uunet.ca]On Behalf Of Nitin Mule
Sent: Friday, September 22, 2000 12:55 PM
To: comp-protocols-dns-bind at moderators.isc.org
Subject: Re: secondary on different network



Same or different network.. does it make a difference? Just setup the
zones
in named.conf on your secondary and point them to your primary. On you
primary, in the zone file, add an NS record for your secondary to make
it
authoritative.

Hope this helps,
Nitin

Martin wrote:

> How do I set up a secondary server on a different network and domain?
> (eg primary on 123.45.6.7 and secondary at 234.123.123.2)  I'm not
trying
> to do anything fancy, just get the thing working.
>
> tia,
> Martin
>
> ps. please post a reply to mailto:martin at teachyou.com









More information about the bind-users mailing list