Moving dynamic zones to new master+slave pair without interruptions

Peter Rathlev peter at rathlev.dk
Thu Jan 7 07:57:44 UTC 2016


On Wed, 2016-01-06 at 18:04 +0000, Darcy Kevin (FCA) wrote:
> I'd just like to note in passing that the "separate authoritative and
> recursive" herd mentality reaches the ultimate point of absurdity
> when you only have 2 servers and you're going to create single points
> of failure (apparently, unless I'm misinterpreting "stand alone") to
> conform to this so-called "best practice".
[...]

I'm not religious about either model, but in this case the load on the
recursive caching servers merits them being their own instances. We are
not splitting the functions based on security concerns.

> Needless to say, I don't subscribe to the (apparently popular) notion
> that the roles need to exist on separate *hardware*. [...]

One of two authoritative servers and two of three recursing will be
virtual servers. So it's not as much a waste of hardware as it could
be. :-)

>  View-level separation is, in my opinion, sufficient to meet the
> security requirements. [...]

Certainly. We use views on the resolvers for our public "guest" network
and have had no concerns about this.

[...]
> Speaking of availability, as your network evolves, you might want to
> consider running recursive service on Anycast addresses [...]

We already use anycasting on the recursive servers and would prefer a
simple configuration that can easily be replicated to new instances. As
part of this pending transition we will introduce an extra recursing
server.

Keeping things simple, even if that means running more servers, helps
me sleep at night. It helps my colleagues handle things without
having to call me. :-)

-- 
Peter Rathlev
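The view-level separation discussed above, as an added configuration example that is not from this thread or from the posters' own setups: one BIND 9 instance that answers authoritatively for everyone but recurses only for the internal and guest networks. The ACL ranges, view names, zone name and file paths are placeholders.

```conf
// Added example (not from the thread): authoritative and recursive roles
// on one named instance, separated by views. Addresses, zone and file
// names below are placeholders, not anyone's real deployment.
acl internal { 10.0.0.0/8; 192.168.0.0/16; localhost; };
acl guest    { 172.16.0.0/12; };

options {
    directory "/var/named";
    allow-transfer { none; };   // transfers only where a view opts in
};

// Trusted clients: full recursion plus the internal copy of the zone.
view "internal" {
    match-clients { internal; };
    recursion yes;
    allow-recursion { internal; };
    zone "example.invalid" {
        type master;
        file "internal/example.invalid.db";
    };
};

// Guest network: recursion allowed, but no internal zone data is visible.
view "guest" {
    match-clients { guest; };
    recursion yes;
    allow-recursion { guest; };
    allow-query-cache { guest; };
};

// Everyone else: authoritative answers only, no recursion, no cache access.
view "external" {
    match-clients { any; };
    recursion no;
    allow-query-cache { none; };
    zone "example.invalid" {
        type master;
        file "external/example.invalid.db";
    };
};
```

Views are matched top to bottom, so the catch-all "external" view must stay last; run named-checkconf before reloading.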


More information about the bind-users mailing list