Better solution than making a recursive nameserver authoritative?
Doug Barton
dougb at dougbarton.us
Fri Jun 24 19:06:31 UTC 2011
On 06/24/2011 10:39, David Coulthart wrote:
> Currently the two recursive caching nameservers for clients on our network are also authoritative for a few zones. In particular, they are authoritative for:
>
> 1) our main forward zone (columbia.edu) in order to provide an internal view of the zone
> 2) RFC 1918 reverse zones (e.g., 10.in-addr.arpa)
>
> I would like to follow best practices by separating authoritative& recursive functionality.
TMK that concept applies to authoritative servers queried by _others_
(i.e., listed in NS records). I have always configured my internal
resolvers in the manner you describe, and have never had any problems
with it.
hth,
Doug
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :) http://SupersetSolutions.com/
More information about the bind-users
mailing list