Primary DNS is NT-based but Want Secondary with Linux
Thor Kottelin
thor at anta.net
Wed Feb 2 08:56:02 UTC 2000
BIND Users Mailing List wrote:
> From: Philip Forst <phil80 at netscape.net>
> I am considering setting up a secondary DNS in my office using bind 8.2 with a
> Linux-Mandrake 6.0 box.
> The issue is that the primary DNS is NT-based. From what I've read, "proper"
> setup of a secondary DNS constitutes getting copies of named.conf and the db.*
> (zone files) from the primary and making the appropriate changes in
> named.conf (slave instead of master, et al.).
>
> Does an NT-based primary DNS have the same files such that bind on a Linux box
> can execute a zone transfer?
IIRC, there's a registry hack that will allow you to control Microsoft DNS
using a configuration file instead of through the NT registry. I don't
know whether it would be possible to turn that file into a proper BIND
named.conf. This is a grey area for me - my Microsoft DNS servers boot
from the registry - so if I was faced with your task, I'd probably write
the named.conf manually (unless there were a large number of domains, in
which case I'd look for a scripted solution).
The zone files will probably be differently named and located, but zone
transfers will still work. Think of it as using ftp on a Linux box to
download files from your NT IIS FTP server - the common protocol makes
this possible.
> Can something like this work without a lot of specialized configuration
> changes or am I looking at a lot of potential problems with this kind of
> setup? Any voices of experience?
The only frequently occurring problem I have encountered with BIND
secondaries for Microsoft DNS primaries has been the WINS and WINS-R
records. They are Microsoftisms that BIND will choke on, so you need to
configure your Microsoft DNS servers to use WINS information locally only;
this way, those records will never be included in a zone transfer. Of
course, this means that BIND won't be able to use Microsoft's
DHCP/WINS/DNS integration; if necessary, you could work around this by
placing your DHCP clients in a separate subdomain, and not delegate this
subdomain to any non-Microsoft name servers.
Thor
--
My PGP public key is available on key servers - please use it!
Powerful, automated web hosting: <http://www.virtualis.com/vr/tkotteli/>
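
Added example, not part of the original post and not BIND's or Microsoft's own code: one way the "scripted solution" mentioned above could look, generating slave stanzas from a list of zone names with input validation, and flagging WINS/WINS-R lines in a zone dump from the primary. The function names, the sec/db.<zone> file path, the WINS type spellings and the sample zone text are assumptions.

```python
import ipaddress
import re

# Conservative hostname-style (LDH) label; anything else is rejected.
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
ZONE_RE = re.compile(rf"{LABEL}(?:\.{LABEL})*")
WINS_TYPES = {"WINS", "WINSR", "WINS-R"}
# Constructed sample; WINS type spellings and rdata layout are assumptions.
SAMPLE_ZONE = """\
@     IN SOA ns1.example.test. admin.example.test. 1 3600 600 86400 3600
@   0 IN WINS L1 C10 ( 192.0.2.5 )
wins  IN A   192.0.2.5
www   IN CNAME wins
"""


def slave_stanza(zone, primary_ip):
    """Return one named.conf slave stanza; raise ValueError on bad input."""
    zone = zone.strip().rstrip(".").lower()
    if len(zone) > 253 or not ZONE_RE.fullmatch(zone):
        raise ValueError(f"refusing zone name {zone!r}")
    ip = ipaddress.IPv4Address(primary_ip)  # ValueError unless a dotted quad
    return (f'zone "{zone}" {{\n    type slave;\n    masters {{ {ip}; }};\n'
            f'    file "sec/db.{zone}";\n}};\n')  # file path is an assumption


def build_config(zones, primary_ip):
    """Build stanzas for all zones, skipping blank lines and duplicates."""
    seen, out = set(), []
    for z in zones:
        key = z.strip().rstrip(".").lower()
        if key and key not in seen:
            seen.add(key)
            out.append(slave_stanza(key, primary_ip))
    return "\n".join(out)


def wins_records(zone_text):
    """Return zone lines whose record *type* (not owner or rdata) is WINS/WINS-R."""
    hits = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()
        if line[:1] not in (" ", "\t"):
            fields = fields[1:]  # drop the owner name
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields = fields[1:]  # skip TTL and class
        if fields and fields[0].upper() in WINS_TYPES:
            hits.append(line.strip())
    return hits
```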