Slaves or Forwarders?

[Tony Finch]

Baird, Josh <jbaird at follett.com> wrote:
>
> In the past, when I have had a requirement to bring a slave zone into
> our environment; I created a slave zone on my master(s) (defining the
> external nameserver as a master) and then created slave zones on my
> slaves using *my* master as a master (not the master outside of my
> environment).

> Is this method of 'sub-slaves' considered an acceptable practice?

Yes. (The new EDNS EXPIRE feature makes it a bit safer too.)

> Some folks also like to use forwarders if they don't have the capability
> to slave the zone.  In this scenario, I would have to create a 'forward'
> zone on each of my caching servers that forwards requests for 'xyz.com'
> to the up-stream nameserver authoritative for the zone.

Be careful doing that. The target forwarders have to be recursive servers.

This matters if there is a delegated subdomain; if you are forwarding to
an authoritative-only server which returns a referral, BIND will be upset
that it did not get the final answer it expected.

> I would think that slaving the zone would be the preferred method, since
> my master/slaves could still serve the zone if the up-stream/forwarder
> becomes unreachable (until my slave expires).

Yes, slaving can be more robust. But forwarding can be simpler.

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Trafalgar: Easterly 6 to gale 8 in east, otherwise northerly or northeasterly
4 or 5, increasing 6 at times. Slight or moderate, occasionally rough in east.
Showers. Good.