BIND as backup DNS server for WXP clients

Barry Finkel b19141 at anl.gov
Mon Aug 11 15:31:31 UTC 2008


John <linux55 at bluemail.ch> wrote:

>for some new Linux boxes(mail-server) we intend to install BIND. The
>DNS Server(W2K3/ADS/DNS/DHCP) will continue to be the DNS-server for
>the WXP boxes.
>
>
>For the case the W2K3 based ADS should be down, we would like to have
>BIND configured to be the backup-DNS server for the WXP
>boxes.
>
>
>Question:
>1.
>Is that possible? How?
>
>
>
>Any feedback is appreciated very much. Thank you!

Any dynamic DNS has to be sent to the master server(s) for the zone.
I assume that the W2K3 DNS Server is the master.  The latest BIND,
9.5.0-P1 implements the MS gss-tsig authentication, so a BIND server
can accept secure DDNS from a MS client.  If the MS DNS Server is
down, I am not sure how you reconfigure the BIND server to be the
master server.  To which DNS Server do your W2k/AD clients point for
DNS services?  If they point to the W2K3 DNS Server, and it is down,
they don't have any other DNS server to query.  Are you using the MS
multi-master, with more than one Domain Controller being a DNS Server?
Is BIND a slave for those AD zones?  If so, then look at Q282826.

If the BIND server is a slave for those zones, then to make it the
master you would need to change the BIND config file to make those
zones mastered on BIND; you would also have to change the DNS config
on the W2K3 DNS Server to make those zones slaves.  And you would have
to change the SOA record for each zone to change the MNAME field to
point to the new master.

Depending upon the definition of 

     "For the case the W2K3 based ADS should be down,"

the W2k3 DNS Server might not be available to make these changes.
Note that there have been a large number of BIND/W2K DNS interaction
postings over the years; search the archives of this list.

I assume that you have more than one DC.  Make sure that the zones are
AD-integrated.  If you are running W2k3 DNS on only one DC, then if
that DC fails, you can easily define the zones on another DC, and
have that DNS be the master.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: BSFinkel at anl.gov
Argonne, IL   60439-4828             IBMMAIL:  I1004994
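
Added example, not part of the original post: a small check for the last step described above (changing the SOA MNAME when a zone is re-mastered on BIND), since update clients locate the primary through that field and slaves only transfer when the serial advances. The zone name, host names and function names are hypothetical, and the zone text is constructed sample data.

```python
import re

# Constructed sample: zone file on the BIND box right after switching the zone
# from slave to master; the SOA still names the old W2K3 server as MNAME.
SAMPLE_ZONE = """\
$ORIGIN corp.example.
@  IN SOA dc1.corp.example. hostmaster.corp.example. (
        2008081101 ; serial
        900 600 86400 3600 )
   IN NS  dc1.corp.example.
   IN NS  ns-bind.corp.example.
"""

SOA_RE = re.compile(r"\bSOA\s+(\S+)\s+(\S+)\s+\(?\s*(\d+)", re.IGNORECASE)

def absolute(name, origin):
    """Expand '@' and relative names against $ORIGIN."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name.lower()
    return (name + "." if origin == "." else f"{name}.{origin}").lower()

def parse_soa(zone_text):
    """Return MNAME and serial from the first SOA record in zone_text."""
    text = re.sub(r";[^\n]*", "", zone_text)  # drop comments (no quoted ';' handling)
    m_origin = re.search(r"^\$ORIGIN\s+(\S+)", text, re.MULTILINE)
    origin = m_origin.group(1).lower() if m_origin else "."
    soa = SOA_RE.search(text)
    if soa is None:
        raise ValueError("no SOA record found")
    return {"mname": absolute(soa.group(1), origin), "serial": int(soa.group(3))}

def check_promotion(zone_text, new_master, previous_serial):
    """List what still has to change before the zone is served as master."""
    new_master = new_master.lower().rstrip(".") + "."
    soa = parse_soa(zone_text)
    problems = []
    if soa["mname"] != new_master:
        problems.append(f"MNAME is {soa['mname']}, expected {new_master}")
    # RFC 1982 serial arithmetic: slaves only transfer when the serial advances.
    if not 0 < (soa["serial"] - previous_serial) % 2**32 < 2**31:
        problems.append(f"serial {soa['serial']} does not advance past {previous_serial}")
    return problems

if __name__ == "__main__":
    for p in check_promotion(SAMPLE_ZONE, "ns-bind.corp.example", 2008081101):
        print("FIX:", p)
```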


