More on BIND 9.1, Views, and Zone Transfers
D. J. Bernstein
75628121832146-bind at sublist.cr.yp.to
Thu Feb 8 21:21:06 UTC 2001
Alain Fontaine (Post master, UCL) writes:
> As a result, the information in both views will be identical, and
> private data will leak to external clients.
Right. This is one of many flaws in the zone-transfer concept. See
http://cr.yp.to/djbdns/faq/axfrdns.html#what for further discussion.
In contrast, with _server_ replication, both servers respond to clients
the same way. See http://cr.yp.to/djbdns/faq/tinydns.html#add-ns for an
example of replicating a tinydns server; tinydns is designed to work
smoothly with rsync.
---Dan
More information about the bind-users
mailing list