running w/ win2k as master and bind8 as slave (was win2k's dns)
Jim Reid
jim at mpn.cp.philips.com
Wed Sep 1 10:12:29 UTC 1999
>>>>> "steve" == steve rader <rader at teak.wiscnet.net> writes:
steve> Lots of folks overlay robust change management systems on
steve> top of good ol' BIND to provide authorization control and
steve> auditability. I doubt anyone will every reasonably overlay
steve> a change management system to provide authorization control
steve> and auditability of DDNS changes.
steve> We have revision histories, change logs, trouble tickets
steve> and the like to associate with (ahh, well, almost =:) every
steve> DNS change. With DDNS, we can't continue to gather all
steve> this change management information.
Indeed. And this is another reason why DDNS gives me the heebie-jeebies.
There are real-world business processes which critically depend on the
DNS here: "if we can't get to this SAP server, the fab line will shut
down and that costs ~$20,000 an hour". Since DDNS would presumably
bypass our existing CM procedures - and leave no audit trail - this
could have very unpleasant consequences.
More information about the bind-users
mailing list