(A sequel) Split DNS, Firewall, and Forwarders
Kevin Darcy
kcd at daimlerchrysler.com
Thu Feb 3 22:06:11 UTC 2000
Barry Margolin wrote:
> In article <Pine.BSF.4.01.10002031548020.5417-100000 at phoenix.aye.net>,
> Barrett Richardson <barrett at aye.net> wrote:
> >I can have the agencies to use a forwarder inside the state
> >network, but I am a bit reluctant to make them dependant
> >on my box.
>
> You could make the agencies' servers slaves for your zones.
A stub zone with "forwarders {}" specified, for the top-level zone of each
internal domain, may be a more lightweight alternative, assuming the servers are
running BIND 8.2 or above. Depending on query patterns/volumes, TTL/refresh
values, etc., sometimes being a slave gives better performance though, not to
mention better availability.
- Kevin
More information about the bind-users
mailing list