How to find all DNS slave servers available?
Bill Larson
bind9 at comcast.net
Mon Dec 20 23:57:22 UTC 2004
On Dec 20, 2004, at 4:21 PM, CIC Information Line wrote:

> How to find out all the DNS slave servers in a
> specific DNS environment?

Ask the administrators of the servers?

Frankly, there is no way to identify all of the slave servers for a
zone as long as the possibility of having "stealth" slaves exists.

The systems identified with "NS" records in a zone had better be either
the master or a slave for a zone. Any server that the parent has
delegated to had better also be a master or slave for the zone (these
should be identified with NS records in the zone file).

In the named.conf file it is also possible to identify stealth slaves
with the "also-notify" directive such that DNS Notify messages are sent
to these stealth slaves. But this still leaves the possibility for
someone setting up a slave for a zone, having it perform a zone
transfer to populate the zone, and then never knowing about it.

You could look through the logs to identify who has performed a zone
transfer from one of the known servers under the possibility that these
may identify possible slaves. But this can still lead you to a dead
end by having a stealth slave that is the source for another stealth
slave.

So, in general, there is no way of knowing all of the possible slaves
for a particular zone.

Bill Larson
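
The log review described in the reply above, as an added example that is not part of the original post: it scans BIND 9 xfer-out log lines for outgoing transfers of one zone and reports clients that are neither NS hosts nor also-notify targets. The log lines, addresses, zone name and function name are constructed for illustration, and the log line format is an assumption about the server's logging configuration.

```python
import re
from collections import Counter

# BIND 9 logs outgoing transfers in the xfer-out category as
#   client <ip>#<port>[ (<qname>)]: [view <name>: ]transfer of '<zone>/IN': AXFR started
# (assumed format; newer releases add the "(qname)" part and an "@0x..." id).
XFER_RE = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9A-Fa-f.:]+)#\d+(?: \([^)]*\))?: "
    r"(?:view \S+: )?transfer of '(?P<zone>[^/']+)/IN': "
    r"(?:AXFR|IXFR)(?:-style IXFR)? started"
)

def unknown_transfer_clients(log_lines, zone, known_servers):
    """Count transfers of `zone` by clients that are not in `known_servers`.

    known_servers: addresses of the zone's NS hosts plus any also-notify
    targets. Whatever is left is a candidate stealth slave, not proof of one,
    and a slave fed by another stealth slave never shows up in these logs.
    """
    zone = zone.rstrip(".").lower()
    hits = Counter()
    for line in log_lines:
        m = XFER_RE.search(line)
        if not m or m["zone"].rstrip(".").lower() != zone:
            continue  # not a transfer-start line, or a different zone
        if m["ip"] not in known_servers:
            hits[m["ip"]] += 1
    return dict(hits)

# Constructed sample data (documentation address ranges, not real servers).
SAMPLE_LOG = [
    "20-Dec-2004 10:00:01.000 xfer-out: info: client 192.0.2.2#40112: transfer of 'example.com/IN': AXFR started",
    "20-Dec-2004 10:05:09.000 xfer-out: info: client 192.0.2.3#40990: transfer of 'example.com/IN': IXFR started",
    "20-Dec-2004 11:30:44.000 xfer-out: info: client 198.51.100.7#51515: transfer of 'example.com/IN': AXFR started",
    "20-Dec-2004 11:31:02.000 xfer-out: info: client 198.51.100.7#51516 (example.com): transfer of 'example.com/IN': AXFR-style IXFR started",
    "20-Dec-2004 12:00:00.000 xfer-out: info: client 203.0.113.9#33333: transfer of 'example.net/IN': AXFR started",
    "20-Dec-2004 12:10:00.000 security: error: client 203.0.113.50#4444: zone transfer 'example.com/AXFR/IN' denied",
]
KNOWN = {"192.0.2.2", "192.0.2.3"}  # NS address + also-notify target (assumed)

if __name__ == "__main__":
    for ip, n in unknown_transfer_clients(SAMPLE_LOG, "example.com", KNOWN).items():
        print(f"{ip}: {n} transfer(s), not a known server")
```

Run it against the logs of every known master and slave, since each server records only the transfers it served itself.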