Re: Determining Which Authoritative Sever to Use

2022-05-16 Thread Bob McDonald
Coding a zone statement within the dhcp config file tells dhcp where to send DDNS updates to. This has traditionally been a method used to update a truly stealth (hidden) DNS master/primary zone. However, in the case of using bind DNS servers to provide DNS for Windows Active Directory, this can

Re: Determining Which Authoritative Sever to Use

2022-05-12 Thread Bob Harold
On Wed, May 11, 2022 at 4:34 PM Grant Taylor via bind-users <bind-users@lists.isc.org> wrote:
> On 5/11/22 2:19 PM, Bob Harold wrote:
> > Not sure who set it up, but my DHCP servers have for some zones:
> >
> > zone x.y.z.in-addr.arpa
> > {
> > primary 10.2.3.4;
> > }
>
> I'm assuming that

Re: Determining Which Authoritative Sever to Use

2022-05-11 Thread Grant Taylor via bind-users
On 5/11/22 2:19 PM, Bob Harold wrote: Not sure who set it up, but my DHCP servers have for some zones: zone x.y.z.in-addr.arpa { primary 10.2.3.4; } I'm assuming that is BIND's named.conf syntax. Which I believe overrides the MNAME lookup. Doesn't that just tell BIND where to

Re: Determining Which Authoritative Sever to Use

2022-05-11 Thread Bob Harold
On Wed, May 11, 2022 at 1:50 PM Grant Taylor via bind-users <bind-users@lists.isc.org> wrote:
> On 5/11/22 11:24 AM, Bob McDonald wrote:
> > It would seem that using an anycast cloud name (An anycast cloud
> > of the NS device IPs) for the MNAME might provide the same level of
> > distribution

Re: Determining Which Authoritative Sever to Use

2022-05-11 Thread Grant Taylor via bind-users
On 5/11/22 11:24 AM, Bob McDonald wrote: It would seem that using an anycast cloud name (An anycast cloud of the NS device IPs) for the MNAME might provide the same level of distribution as per Windows. However, again, you run into the issues of forwarded updates. Another thing that I've

Determining Which Authoritative Sever to Use

2022-05-11 Thread Bob McDonald
It's always an architectural choice to use anycast with your authoritative zones. I'm speaking from purely a private network (inside) viewpoint. I typically only use anycast for recursive DNS servers on my private (internal) network. That said, here are some thoughts. (This is my understanding

Re: Determining Which Authoritative Sever to Use

2022-05-10 Thread Ben Croswell
I will say edge DNS servers reduce client config complexity, even if you have DHCP, and increase resiliency of the initial resolver. Where it's true with DHCP you can change the DHCP server options, it doesn't help if someone just got a 4 day lease and then the DNS server dies. Additionally the

Re: Determining Which Authoritative Sever to Use

2022-05-10 Thread Grant Taylor via bind-users
On 5/8/22 5:58 AM, Tony Finch wrote: Regarding anycast, it isn't necessary for internal authoritative servers unless your organization is really huge (and probably not even then): it is simpler to just use the DNS's standard reliability features. All you need to do is have more than one

Re: Determining Which Authoritative Sever to Use (Bob McDonald)

2022-05-09 Thread Petr Špaček
I have to warn you: Authoritative server selection in DNS is not standardized, and thus it is not guaranteed to be stable even between BIND releases. If you need to make static and/or optimal routing then you need to reach into IP routing layer for that. Petr Špaček On 08. 05. 22 18:57,

Re: Determining Which Authoritative Sever to Use (Bob McDonald)

2022-05-08 Thread Ben Croswell
On the closest server question it will prefer the closest but a certain percentage will go to servers further away. Additionally depending on the version of BIND and the distance it could lead to the servers further away taking more traffic in high QPS situations. If you are getting high QPS you

Re: Determining Which Authoritative Sever to Use (Bob McDonald)

2022-05-08 Thread Bob McDonald
Thanks for the answers. A couple more questions and then I'll stand down. First, it's Ben Croswell. Just pointing that out. Second, my reading of the definition of a static-stub zone in the Bvarm indicates that its use is to allow a local copy of the NS list which may differ from the primary

Re: Determining Which Authoritative Sever to Use

2022-05-08 Thread Ben Croswell
I would concur that internally Anycast is best for client facing edge nodes to reduce client configuration complexity as well as reducing impact of a first resolver outage.

On Sun, May 8, 2022, 7:59 AM Tony Finch wrote:
> Bob McDonald wrote:
> >
> > My question is this; how do the recursive

Re: Determining Which Authoritative Sever to Use

2022-05-08 Thread Tony Finch
Bob McDonald wrote:
>
> My question is this; how do the recursive servers determine from
> the information in the stub zone which name server to query?

As well as what Bob Croswell said about SRTT (which is entirely correct), there's a subtlety with stub zones in particular. A stub zone works a

Re: Determining Which Authoritative Sever to Use

2022-05-07 Thread Ben Croswell
I can't speak definitively for stub zones, but I would assume it works the same as NS delegations or forwarding. A DNS server maintains a listing of smoothed round trip times (SRTT) for each potential destination. It uses the SRTT with the lowest value, and after each successful response all of

Determining Which Authoritative Sever to Use

2022-05-07 Thread Bob McDonald
Forgive my ignorance if this is a trivial question. Supposing I have an internal IP network (rfc1918) where there are local caching servers (recursive) which clients connect to and scattered around are several authoritative servers which provide answers for internal only zones. Those internal