does zone trump forward?
Dave Warren
davew at hireahit.com
Wed Jun 5 20:54:34 UTC 2013
On 2013-06-04 06:42, Alan Shackelford wrote:
> We have 2843 authoritative zones. We run a split brain DNS. The new
> hospitals and other entities need to see our internal zone view once
> they have "joined". So I have them forward queries during the early
> stages of the merger, until I can get control of their DNS and make
> appropriate changes. There are fatherhood issues and all manner of ego
> problems involved in absorbing someone else's DNS. This step provides
> a workable solution in the very first stages. Then I make them slaves,
> with a reasonable expire time, to give them a copy of the data locally.
To me, it sounds like changing these steps by moving directly to using
slave zones would fix the issue, no? Is there any particular need to
start with forwarding rather slaving right from the start?
I realize there are egos, but "Connect our network to yours" includes
things like routing and DNS. You're not taking over their territory just
yet, just adding yours to theirs.
Politics aside, it solves the technical issues without butchering DNS or
adding excessive unreliability.
But then I just hate forwards. Burned 1000x times, lesson learned :)
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20130605/2dbb3da5/attachment.html>
More information about the bind-users
mailing list