Is this possible
Kevin Darcy
kcd at daimlerchrysler.com
Tue Mar 23 17:33:43 UTC 2004
Jonathan de Boyne Pollard wrote:
>BF> You could have the W2k3 zones AD-integrated, so each W2k3
>BF> DNS Server would be a "master", but then you run into
>BF> serial number problems as documented in MS article 282826.
>
>JdeBP> This is, of course, a red herring. Since the serial number
>JdeBP> is irrelevant when one is using Active Directory database
>JdeBP> replication, there are no problems with it to run into.
>
>KD> The problem is not *between* the W2K3 servers of the AD-integrated
>KD> zone, it's with any other boxes you may have which use plain old
>KD> AXFR/IXFR to slave the zone.
>
>This is merely the same red herring in disguise. Mixing and matching
>different database replication mechanisms (for a given subset of the DNS
>database) within a single set of peer content DNS servers should not be done
>unless one is _very_ careful and knows _exactly_ what one is doing.
>
No, that's very old-fashioned thinking. A gazillion little one-off
solutions that don't interoperate unless you pay an expert to be "_very_
careful and know[] _exactly_ what [they] are doing" (???) Come on, give
me a break. One main benefit of standards is to ensure that even people
who don't completely know what they are doing and/or don't have enough
money to pay high-priced experts to hand-hold their systems, can get
products from different vendors and codebases to interoperate with each
other. This is a *good* thing, unless you happen to be one of those
high-priced experts gouging their customers for "private" solutions
instead of standards-based ones...
>The contents of the "SOA" resource record should be treated as private to each
>particular replication mechanism, and one must not expect different DNS
>database replication mechanisms to use all of the fields in the same way, or
>in a way that is compatible with one another, or even to use them at all.
>
The standards dictate that the serial number is incremented when the
zone contents change. How hard is that to get right? Why would you
defend such total incompetence on the part of Microsoft? (Actually, I'm
being generous to Microsoft here; some would accuse them of deliberate
sabotage). As long as the serial number is handled properly, and zone
transfers work, then all of these other "private" replication schemes
interoperate with the standards-based one.
- Kevin
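
The serial check that a plain AXFR/IXFR secondary applies before refreshing a zone, as an added example that is not part of the original post. It uses RFC 1982 sequence-space comparison and audits several masters from one secondary's point of view; the server names and serial values are constructed for illustration.

```python
# Added example: which masters would an AXFR/IXFR secondary actually pull from?
# A secondary compares the master's SOA serial with its own and transfers only
# if the master's is newer under RFC 1982 serial number arithmetic.

SERIAL_BITS = 32
MOD = 1 << SERIAL_BITS
HALF = 1 << (SERIAL_BITS - 1)


def serial_gt(a: int, b: int) -> bool:
    """True if serial a is newer than serial b (RFC 1982, 32-bit space)."""
    a %= MOD
    b %= MOD
    return (a < b and b - a > HALF) or (a > b and a - b < HALF)


def audit(secondary_serial: int, master_serials: dict) -> dict:
    """Classify each master as the secondary sees it.

    master_serials maps a (hypothetical) server name to the SOA serial it
    currently answers with for the zone.
    """
    report = {}
    for name, serial in master_serials.items():
        if serial % MOD == secondary_serial % MOD:
            report[name] = "in-sync"
        elif serial_gt(serial, secondary_serial):
            report[name] = "transfer"
        else:
            # Serial is not newer: zone changes made on this master are
            # never pulled, so the secondary keeps serving stale data.
            report[name] = "ignored"
    return report


# Constructed sample: three masters answering with different serials.
MASTERS = {
    "dc1.example.test": 41,
    "dc2.example.test": 45,
    "dc3.example.test": 38,
}
SECONDARY_SERIAL = 41

if __name__ == "__main__":
    for name, verdict in audit(SECONDARY_SERIAL, MASTERS).items():
        print(f"{name}: serial {MASTERS[name]} -> {verdict}")
```

A master reported as "ignored" is the case worth alerting on: its zone data can differ from what the secondary serves without any transfer ever being triggered.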