Multiple nameservers
Kevin Darcy
kcd at daimlerchrysler.com
Tue Mar 28 23:21:02 UTC 2006

Eight32 wrote:
>Hi list
>
>I want to set up a DNS server that will 'emulate' multiple nameservers
>ie when queried, the answer will appear as if this physical server is
>the SOA for that domain only.
>
>What design philosophy should I follow? Seems as though a mixture of
>Auth Only, Stealth (for invisibility), and Forwarding is favourable.
>
>How would I list multiple reverse lookup (zzz.yyy.xxx.rev) files in
>named.conf?
>
>
It's not clear to me what you're trying to accomplish here. In a DNS
response, the Authority Section identifies the *single* zone from which
the answer is being made. It doesn't tell you anything about other zones
that may or may not be hosted on the same nameserver. So why do you
think there is some "hiding" that needs to go on here, and what would be
the purpose of this hiding? Why try to fool clients into thinking that
the nameserver only hosts a single zone? Please clarify.

If what you're trying to accomplish is running a bunch of "virtual"
nameserver instances on a bunch of virtual-IPs (or, I guess, even
physical IPs, if you have the cash to spend) on one box, you could
either have separate nameserver instances running on each VIP (via
"listen-on"), or a single instance with views differentiated by
"match-destinations".

Hopefully you realize that you shouldn't have *all* of the nameservers
for a particular zone dependent on any particular piece of hardware,
e.g. they shouldn't all be virtual IPs on the same NIC. The whole
purpose of the "two nameserver minimum" rule is to provide some
redundancy and resiliency to the Internet DNS infrastructure, and one
doesn't advance that by creating Single Points of Failure.

- Kevin
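
The single-instance option mentioned in the reply above (views differentiated by "match-destinations"), sketched as a named.conf fragment. This is an added example, not part of the original post; the addresses (documentation ranges), zone names and file paths are assumptions chosen for illustration. It also shows how several reverse zones are listed: each one is its own zone statement.

```conf
// Added illustration: one named instance, two "virtual" nameservers.
// All addresses, zone names and file paths below are constructed placeholders.
options {
    directory "/var/named";
    // The instance must listen on every address that a view matches on.
    listen-on { 192.0.2.10; 192.0.2.20; };
    // Authoritative-only: do not recurse on behalf of clients.
    recursion no;
};

// Queries arriving on 192.0.2.10 are answered only from this view's zones.
view "ns-a" {
    match-destinations { 192.0.2.10; };

    zone "example.com" {
        type master;
        file "ns-a/example.com.zone";
    };
    // One zone statement per reverse zone.
    zone "100.51.198.in-addr.arpa" {
        type master;
        file "ns-a/198.51.100.rev";
    };
};

// Queries arriving on 192.0.2.20 are answered only from this view's zones.
view "ns-b" {
    match-destinations { 192.0.2.20; };

    zone "example.net" {
        type master;
        file "ns-b/example.net.zone";
    };
    zone "113.0.203.in-addr.arpa" {
        type master;
        file "ns-b/203.0.113.rev";
    };
};
```

Once any view is defined, every zone statement has to sit inside a view. Running `named-checkconf` on the file catches a zone left at the top level before the server is reloaded.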