Bind and AD
Ron Hall
thorn at cc.mcgill.ca
Tue Sep 10 12:43:44 UTC 2002
On Mon, 9 Sep 2002, Kevin Darcy wrote:
> Mmmm.... Not really. I assume you mean you run the delegated nameservers --
> or at least the master -- for mcgill.ca...
'zackly so (but I knew that ;-) )
>
> Any Dynamic Update client should be looking at the MNAME field of the
> zone's SOA record, and its NS records, to determine where to send Dynamic
> Updates. So as long as those are correct, your slaves shouldn't be getting
> any Dynamic Update requests for the delegated zones.
The question seems to be that they really want the
request to seem like it is coming from the "main" nameservers
So that if xyz has an update request and it find one of the
"main" name servers, then it has that "host" issue the update
request.
Currently it hits the "main" servers and is routed to the
right update "host", but they are trying to hide those
behind firewalls.
>
> If you're running BIND 9, you could also enable update forwarding so that
> even wayward Dynamic Updates will end up in the right place (don't try this
> with BIND 8, however; update forwarding is quite broken in that version).
Well I've been meaning to update to bind 9 for a while now....
does this do what I want it to do?
HTH
As Always
r
More information about the bind-users
mailing list