how two dns bind master sync?
Grant Taylor
gtaylor at tnetconsulting.net
Thu Aug 23 22:50:19 UTC 2018
On 08/23/2018 02:15 PM, Grant Taylor via bind-users wrote:
> It's my understanding that MS-DNS servers hosting AD Integrated zones
> are actually functioning as application layer gateways between DNS and
> data that's stored in LDAP.
My AD Guy confirms that the DNS data for Active Directory Integrated
Zones is indeed stored in LDAP and that MS-DNS is acting as an
application layer gateway between DNS and LDAP. As such, the
multi-master aspect issue is pushed to AD's LDAP implementation.
> So the case of synchronizing records with different FQDNs is actually
> trivial in that different records are being updated in the back end LDAP
> and the ALG is simply reading the data and replying to clients.
He confirmed that LDAP does support writes to different data on
different servers without a problem.
He even indicated that updates for the same FQDN may not be a problem,
depending on the operation being done. I.e. multiple inserts for A
records will simply merge in LDAP data. The thing he wasn't quite sure
of was what would happen if one server deletes an A record and another
server enters an A record. He thinks that LDAP will delete the first
record which is different and insert the other record.
He also mentioned that it is unlikely that the same FQDN would be
modified on two different servers at the same time. As such, LDAP would
likely see different FQDNs and simply merge them as part of the raw data.
This is where I wash my hands and decide that I want to NOT get any
deeper into AD.
--
Grant. . . .
unix || die
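To make the "DNS data stored in LDAP" point concrete, here is an added example (not part of Grant's post or of anything the list published) that decodes the binary values MS-DNS keeps in the multi-valued dnsRecord attribute of a dnsNode object. The layout assumed is the DNS_RPC_RECORD structure documented in MS-DNSP: a 24-byte header (DataLength, Type, Version, Rank, Flags, Serial, a big-endian TtlSeconds, Reserved, TimeStamp) followed by the RDATA. Two A records for one name are simply two values on one node, and a name whose last record was deleted is kept as a single type-0 tombstone value (EntombedTime FILETIME) with dnsTombstoned=TRUE rather than removed outright. The sample values are constructed in-code so the script runs offline; nothing here is read from a real directory.

```python
"""Decode dnsRecord attribute values from AD-integrated DNS zones.
Added example; layout per MS-DNSP DNS_RPC_RECORD. Sample data is constructed."""
import struct
import ipaddress
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

DNS_TYPE_ZERO = 0x0000   # tombstone marker: data is an 8-byte FILETIME (EntombedTime)
DNS_TYPE_A = 0x0001
DNS_TYPE_AAAA = 0x001C
RANK_ZONE = 0xF0         # authoritative zone data
TYPE_NAMES = {DNS_TYPE_ZERO: "TOMBSTONE", DNS_TYPE_A: "A", DNS_TYPE_AAAA: "AAAA"}

# Header pieces: everything little-endian except TtlSeconds, which is big-endian.
_HDR1 = struct.Struct("<HHBBHL")   # DataLength, Type, Version, Rank, Flags, Serial (12 bytes)
_HDR2 = struct.Struct(">L")        # TtlSeconds (4 bytes, network order)
_HDR3 = struct.Struct("<LL")       # Reserved, TimeStamp (8 bytes)
HEADER_LEN = _HDR1.size + _HDR2.size + _HDR3.size   # 24

_FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def filetime(dt: datetime) -> int:
    """100 ns ticks since 1601-01-01 UTC, computed in integers to stay exact."""
    d = dt - _FILETIME_EPOCH
    return (d.days * 86400 + d.seconds) * 10_000_000 + d.microseconds * 10


@dataclass
class DnsRecord:
    rtype: int
    rank: int
    serial: int
    ttl: int
    timestamp: int   # aging timestamp in hours since 1601; 0 means a static record
    data: bytes

    @property
    def is_tombstone(self) -> bool:
        return self.rtype == DNS_TYPE_ZERO

    def rdata_text(self) -> str:
        if self.rtype in (DNS_TYPE_A, DNS_TYPE_AAAA):
            return str(ipaddress.ip_address(self.data))     # accepts packed 4/16 bytes
        if self.is_tombstone:
            ft, = struct.unpack("<Q", self.data)
            when = _FILETIME_EPOCH + timedelta(microseconds=ft // 10)
            return "entombed " + when.isoformat()
        return self.data.hex()


def build_dns_record(rtype: int, data: bytes, serial: int, ttl: int, timestamp: int = 0) -> bytes:
    """Serialize one dnsRecord value; used here only to construct sample input."""
    return (_HDR1.pack(len(data), rtype, 5, RANK_ZONE, 0, serial)
            + _HDR2.pack(ttl) + _HDR3.pack(0, timestamp) + data)


def parse_dns_record(blob: bytes) -> DnsRecord:
    if len(blob) < HEADER_LEN:
        raise ValueError("dnsRecord value shorter than its 24-byte header")
    data_len, rtype, _version, rank, _flags, serial = _HDR1.unpack_from(blob, 0)
    ttl, = _HDR2.unpack_from(blob, _HDR1.size)
    _reserved, timestamp = _HDR3.unpack_from(blob, _HDR1.size + _HDR2.size)
    data = blob[HEADER_LEN:HEADER_LEN + data_len]
    if len(data) != data_len:
        raise ValueError("DataLength %d exceeds value length" % data_len)
    return DnsRecord(rtype, rank, serial, ttl, timestamp, data)


def describe_node(dns_record_values) -> list:
    """Render every value of one dnsNode's multi-valued dnsRecord attribute."""
    out = []
    for blob in dns_record_values:
        rec = parse_dns_record(blob)
        out.append((TYPE_NAMES.get(rec.rtype, "TYPE%d" % rec.rtype), rec.rdata_text(), rec.serial))
    return out


# Constructed samples (not from any real directory): one node holding two A
# records as two attribute values, and one node whose last record was deleted.
SAMPLE_NODE_ACTIVE = [
    build_dns_record(DNS_TYPE_A, ipaddress.IPv4Address("192.0.2.10").packed, serial=41, ttl=3600),
    build_dns_record(DNS_TYPE_A, ipaddress.IPv4Address("192.0.2.11").packed, serial=42, ttl=3600),
]
_entombed = struct.pack("<Q", filetime(datetime(2018, 8, 23, 22, 50, tzinfo=timezone.utc)))
SAMPLE_NODE_DELETED = [build_dns_record(DNS_TYPE_ZERO, _entombed, serial=43, ttl=0)]

if __name__ == "__main__":
    for label, node in (("host1", SAMPLE_NODE_ACTIVE), ("host2", SAMPLE_NODE_DELETED)):
        for rtype, rdata, serial in describe_node(node):
            print(f"{label:6} {rtype:9} {rdata:<36} serial={serial}")
```

With a real directory you would fetch the `dnsRecord` values of `DC=host1,DC=example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=example,DC=com` over LDAP (the DN shape is the usual one for a domain-partition zone; adjust for your forest) and feed them to `describe_node`. The per-value Serial is what lets you see which write each value came from when you are chasing the delete-versus-insert question from the post.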