How to setup a backup NameServer?
Matus UHLAR - fantomas
uhlar at fantomas.sk
Wed Apr 30 14:07:32 UTC 2014
On 29.04.14 10:24, houguanghua wrote:
>I'm designing how to protect DNS for an ISP. The zones are not owned by the
> ISP. The ISP wants to proect the DNS query during attacking.
>So it's not standard DNS solution. During the attacking, the backup server
> will provide the DNS query and it works even if it can't refresh zones
> from primary NS. Backup server is configured the private IP of this ISP.
> All local DNS servers of this ISP knows where is the backup server.
ISP should just run a few recursive DNS servers for its clients.
They do not need to be accessible from the internet, only from its
Simply run a few DNS servers for your (and your clients) DNS zones, that do
not provide recursive DNS (only zones) and a few DNS servers that only
server recursive DNS for ISP clients.
This is (or at least should be) standard DNS servers' configuration at any
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
LSD will make your ECS screen display 16.7 million colors
More information about the bind-users