Split Brain and Authoritativeness (Problems)
Bill Myers
wmyers at tns-inc.com
Wed Oct 13 23:02:54 UTC 1999
> Our network was re-organised to a split brain scheme which can be
> summarised as follows.
>
> External server, Acts as primary for public addresses and reverse
> addresses. 2 off site secondaries are run off the primary.
Sounds ok.
> Internal servers.
> Primary runs forward and reverse maps for all internal
> addresses - some , others are private test networks.
What do you mean "tie in with public stuff"? DNS info from the same domain?
If so, how? This could be the leak of the external view of your domain to the
inside.
> Root map points at the Internet's root servers, so off site
> queries get resolved.
This should be ok as long as *every* internal server secondaries your domain.
These servers should secondary your "example.com" domain, but not necessarily
your "delegated.example.com" domains.
> Secondaries load internal maps from the primary, but also
> refer other queries to the Internet's root servers.
You mean you secondary some or all internal domains from the primary? You
mean you populate your cache file with Internet root servers?
>
> Secondaries on the private test networks load internal maps
> from the internal primary, but have their own
"Have their own" what? Roots? You mean they are configured as root servers?
More information about the bind-users
mailing list