"Hidden" masters/primary.
Cricket Liu
cricket at acmebw.com
Thu Oct 7 01:58:39 UTC 1999
> If you don't list the primary master in the SOA record, dynamic update
> won't work, since it sends the updates to the server in the MNAME field.
> If you're using a hidden primary, it should still be safe to list the
> hidden primary in the SOA record. Only the NS records are important in
> classifying a server as hidden or not.
Actually, this behavior varies with the implementation. The ISC's
res_update() only sends updates to the MNAME server if it also appears
in the NS list for the zone. This is the behavior specified in RFC 2136.
Microsoft's Windows 2000 sends updates to the MNAME server whether
or not it appears in the NS list. While not the behavior specified in the
RFC,
it works better with hidden primaries.
So depending on the heritage of the dynamic update code you're running, it
may or may not work in a classic "hidden primary" configuration (i.e.,
primary
master not in the zone NS list but as MNAME).
cricket
Acme Byte & Wire
cricket at acmebw.com
www.acmebw.com
Attend our next DNS and BIND class! See
www.acmebw.com/training.htm for the
schedule and to register for upcoming
classes.
More information about the bind-users
mailing list