transfer with views
Alan Clegg
aclegg at isc.org
Sat Jan 1 14:33:59 UTC 2011
On 1/1/2011 9:15 AM, Gary Wallis wrote:
> You will need to setup one virtual IP for each extra view.
Not since very versions of BIND that are long-since EOL'd. The FAQ goes
into how to use TSIG keys to deal with "picking the right one".
> This is what no one here addresses clearly and upfront:
>
> The truth is that when you need N views, BIND transfer is a royal pain,
> for almost all networks and IT departments.
Setting up views correctly is not simple. If you HAVE to do it, it's
much easier to do it with BIND than it is to do it with alternative
methods (in my opinion).
> Think about it.
Given choices, I think I'm in agreement with you: I'd chose to not do
views.
Based on the posts here, the OP is going to do views. The best thing to
do is provide the best method of replicating those views to the machines
that are providing slave services without using external applications.
If it were me and I had no other choice than to use views, I'd get into
the system and re-wire everything using BIND 9.7.2 and write a set of
scripts that used "rndc addzone" and "rndc delzone" to control the
master and all of the slaves, configure TSIG keys to manage zone
transfers between hosts, etc.
> Cheers!
and Happy New Year!
May 2011 be the best one before we all perish in the fires of whatever
is going to happen in 2012! :)
AlanC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110101/dfc99314/attachment.bin>
More information about the bind-users
mailing list