W2K multi-master features
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Sat Aug 17 11:04:06 UTC 2002
Michael E. Hanson <MEHanson at gryphonsgate.com> wrote:
> In order to run M$ Win2K DNS in Multi-Master mode, you have to run it in
> Active Directory Integrated mode. In that mode, the zone doesn't really
> keep a serial number in the manner we're used to. All changes are
> identified by the server ID, a server change sequence number, and a
> timestamp. In the event of a conflict (two servers recording changes to the
> same DNS entry between replication cycles), the record with the newer
> timestamp "wins" and the older change is discarded. The traditional serial
> number is NOT a player until a DNS server that's not in the Win2K domain
> requests a zone transfer. At that time, if the DNS database has changed
> since the last time a zone transfer was performed, the serial number is
> incremented. However, if your domain/zone is AD integrated, there should
> not be any DNS servers acting as standard secondaries, they should all be AD
> Integrated.
> Running a single DNS on anything but a very small unimportant network is a
> mistake IMHO. Without DNS, your Win2K and WinXP clients will not be able to
> locate the Domain Controller and will not be able to logon. A minimum of
> two DNS servers is recommended, more if you have multiple subnets and sites.
The above does not mean that you have to use multiple MS masters, it can
be any combination of master and slaves.
And as the words "In the event of a conflict" appears, it's obvious that
"the MS-way" has conflicts and sometimes drops updates. This in itself
would motivate to use as little MS-gear as possible.
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list