Is this possible

Kevin Darcy kcd at daimlerchrysler.com
Tue Mar 23 17:33:43 UTC 2004


Jonathan de Boyne Pollard wrote:

>BF> You could have the W2k3 zones AD-integrated, so each W2k3
>BF> DNS Server would be a "master", but then you run into
>BF> serial number problems as documented in MS article 282826.
>
>JdeBP> This is, of course, a red herring.  Since the serial number 
>JdeBP> is irrelevant when one is using Active Directory database
>JdeBP> replication, there are no problems with it to run into.
>
>KD> The problem is not *between* the W2K3 servers of the AD-integrated
>KD> zone, it's with any other boxes you may have which use plain old
>KD> AXFR/IXFR to slave the zone. 
>
>This is merely the same red herring in disguise.  Mixing and matching
>different database replication mechanisms (for a given subset of the DNS
>database) within a single set of peer content DNS servers should not be done
>unless one is _very_ careful and knows _exactly_ what one is doing.
>
No, that's very old-fashioned thinking. A gazillion little one-off 
solutions that don't interoperate unless you pay an expert to be "_very_ 
careful and know[] _exactly_ what [they] are doing" (???) Come on, give 
me a break. One main benefit of standards is to ensure that even people 
who don't completely know what they are doing and/or don't have enough 
money to pay high-priced experts to hand-hold their systems, can get 
products from different vendors and codebases to interoperate with each 
other. This is a *good* thing, unless you happen to be one of those 
high-priced experts gouging their customers for "private" solutions 
instead of standards-based ones...

>  The
>contents of the "SOA" resource record should be treated as private to each
>particular replication mechanism, and one must not expect different DNS
>database replication mechanisms to use all of the fields in the same way, or
>in a way that is compatible with one another, or even to use them at all.
>
The standards dictate that the serial number is incremented when the 
zone contents change. How hard is that to get right? Why would you 
defend such total incompetence on the part of Microsoft? (Actually, I'm 
being generous to Microsoft here; some would accuse them of deliberate 
sabotage). As long as the serial number is handled properly, and zone 
transfers work, then all of these other "private" replication schemes 
interoperate with the standards-based one.

- Kevin
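
Added example, not part of the original message: a small model of how a secondary that slaves a zone by AXFR/IXFR decides whether to transfer, using RFC 1982 serial comparison. The record data, the serial values and the scenario of two masters keeping independent serials are constructed assumptions.

```python
# Added illustration; every serial and record below is constructed sample data.
MOD = 1 << 32          # SOA serial is an unsigned 32-bit value
HALF = 1 << 31


def serial_gt(a: int, b: int) -> bool:
    """RFC 1982 sequence-space comparison: is serial a newer than b?"""
    a %= MOD
    b %= MOD
    return a != b and ((a - b) % MOD) < HALF


class Secondary:
    """A server that slaves the zone: it checks the SOA, then transfers."""

    def __init__(self):
        self.serial = None
        self.records = frozenset()

    def refresh(self, master_serial, master_records) -> bool:
        # Transfer only when the master's serial is newer than our copy.
        if self.serial is None or serial_gt(master_serial, self.serial):
            self.serial = master_serial
            self.records = frozenset(master_records)
            return True
        return False


def run_scenarios() -> dict:
    old = {"www A 192.0.2.10"}
    new = {"www A 192.0.2.20"}
    out = {}

    s = Secondary(); s.refresh(2004032301, old)
    out["incremented"] = s.refresh(2004032302, new)        # change is picked up

    s = Secondary(); s.refresh(2004032301, old)
    out["unchanged_serial"] = s.refresh(2004032301, new)   # change is missed

    # Assumed case: two masters of one zone, each with its own serial.
    s = Secondary(); s.refresh(120, old)                   # polled master A
    out["other_master_lower"] = s.refresh(105, new)        # master B, newer data
    out["stale_after_switch"] = s.records == frozenset(old)

    out["wraparound_is_newer"] = serial_gt(5, 4294967290)  # serial wrapped past 2**32
    return out


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
```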