Forward First on Master Zone (bypass SOA)

Kevin Darcy kcd at chrysler.com
Mon Apr 1 18:46:23 UTC 2013


On 3/29/2013 12:09 AM, Doug Barton wrote:
> On 03/28/2013 12:28 PM, Ben-Eliezer, Tal (ITS) wrote:
>> My organization is evaluating the use of split-view DNS in our 
>> environment.
>
> Simple ... don't do it. It's almost never the right answer, and as 
> you're learning carries with it more administrative overhead than the 
> problems it's designed to solve.
>
> Much better to spend the time carefully considering what your goals 
> are, and finding other ways to reach them.
And your alternative is what? Run the external version of the namespace 
on a completely separate infrastructure from the internal version?

My personal preference is to make the upfront investment in developing a 
split-view config and then pay less in hardware and maintenance costs 
(in terms of the vendor and my own staff) in the long term, because I 
have fewer nameservers to procure and manage. Of course, I'm a little 
biased, since I've *already* developed that config, which rarely 
requires tinkering, so the hardware and maintenance savings are just 
gravy. For someone just starting out, the cost/benefit decision might be 
a little tougher, especially if they're not experienced with BIND 
configuration, and thus might cause a lot of 
drama/nail-biting/disruption until they get it right.

         - Kevin





More information about the bind-users mailing list