BIND Secondaries of MS AD Integrated Zones

jim.sifferle at jim.sifferle at
Wed Nov 18 01:01:57 UTC 2009

Hi all,

Most of our internal DNS zones are mastered in Microsoft DNS (2k3 R2) as AD Integrated zones.  Currently, those zones are slaved from a single MS DNS server to our BIND 9 servers that handle recursion.  Is there a reliable way to use multiple masters when slaving AD Integrated zones to BIND?  

In the O'Reilly book "DNS on Windows Server 2003" a section on p. 324 called "BIND Secondaries for Active Directory-Integrated Zones" says serial numbers can vary on otherwise synchronized MS DNS Servers, potentially causing a server to respond with an incorrect lower serial number.


Jim Sifferle
Tektronix / Fluke Network Services

More information about the bind-users mailing list