Better solution than making a recursive nameserver authoritative?

Doug Barton dougb at dougbarton.us
Fri Jun 24 19:06:31 UTC 2011


On 06/24/2011 10:39, David Coulthart wrote:
> Currently the two recursive caching nameservers for clients on our network are also authoritative for a few zones.  In particular, they are authoritative for:
>
> 1) our main forward zone (columbia.edu) in order to provide an internal view of the zone
> 2) RFC 1918 reverse zones (e.g., 10.in-addr.arpa)
>
> I would like to follow best practices by separating authoritative&  recursive functionality.

TMK that concept applies to authoritative servers queried by _others_ 
(i.e., listed in NS records). I have always configured my internal 
resolvers in the manner you describe, and have never had any problems 
with it.


hth,

Doug

-- 

	Nothin' ever doesn't change, but nothin' changes much.
			-- OK Go

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)  http://SupersetSolutions.com/




More information about the bind-users mailing list