Sysquery Errors
Jim Reid
jim at rfc1035.com
Wed Nov 22 23:36:09 UTC 2000
>>>>> "Kevin" == Kevin Darcy <kcd at daimlerchrysler.com> writes:
>> Also, make sure your internal root servers are master or slave
>> for the root zone. Master is preferable as root zones tend to
>> require special administration rather than routine reloading
>> and zone transfers.
Kevin> Hmmm?? I've been running an internal root for years and
Kevin> I've never had any problems with a regular master/slave
Kevin> setup. I think BIND 8 fixed all of the pre-existing
Kevin> root-slave problems...
The "special administration" I was alluding to did not concern the
name servers or the DNS protocol. They work just fine. I meant the
control of the contents of the root zone: who's allowed to change it
and put the new root zone on the name servers; the change windows when
this can be done; access permissions on copies of the root zone file;
when servers can be reloaded/restarted; CM procedures and audit
trails; etc, etc. As you say, there's no technical reason preventing
the root zone being slaved in the usual manner: a zone is a
zone. However there can be procedural and organisational reasons for
not doing that as a matter of routine. And sometimes the zone
propagation delay - even with NOTIFY - takes too long. This can
present problems for any critical DNS zone, especially the root.
More information about the bind-users
mailing list