how two dns bind master sync?

Bob McDonald bmcdonaldjr at gmail.com
Thu Aug 23 13:21:43 UTC 2018


> This may be an unpopular opinion, especially on the BIND-Users mailing
> list (sometimes BIND is not the best answer).
>
> It sounds like you might want something like multi-master DNS servers
> that Active Directory (with AD integrated zones) provides.

Here's the Microsoft AD DNS explanation:
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/active-directory-integrated-dns-zones

This may be the time to start some dialogue around the way BIND processes
updates. While AD integrated DNS does process updates for multiple masters,
it does it outside the BIND-centric communications path. (I believe it uses
AD to forward updates from one master to the others.) BIND needs some sort
of multi-master framework, but there are a few issues if things stay the way
they are. There are obvious issues with serial number accounting and slave
notification. There are also issues with update processing (and
forwarding). Right now the only server that can accept updates is the
master. Forwarded updates are stamped as coming from the forwarding node.
That makes tracking updates almost impossible. (And that seems to be the
case for both signed and unsigned updates.) I may not be seeing something,
but from my point of view, that, above all else, must change if a
meaningful multi-master framework is to emerge.

Regards,

Bob