On Thu, 2009-02-05 at 15:13 +0000, Dean, Barry wrote:
> One of my colleagues is convinced my DNS config is "broken",
[ ... ]
Barry,
There are some details you neglected to mention. In particular,
it's left to the reader's best guess that your colleagues
exchange server is given a name belonging to the livad.liv.ac.uk
zone. If that's actually the case, then the SOA record for
livad.liv.ac.uk is indeed the record whence the negative cache
timer for the Exchange server's name is obtained.
It's also not clear who is the zone admin for the livad... zone:
you, your colleague who deals with Exchange, or someone else.
Two options occur to me for you. You could have the zone admin
for livad... shorten the negative cache timer. Alternatively,
you could have your internal resolving servers act as stealth
slaves for livad... Your servers won't then cache RRs
belonging to livad... and will be kept up to date by NOTIFY
from the master (provided, of course, that the master can ...).
Without client access to your internal recursive servers, I
can't say whether they're broken or not. However, my first
impressions from what you wrote are that they're very likely
doing "what it says on the tin".
If you feel some off-list follow-up would help, I would be
interested, as the experience may help me anticipate and/or
forestall potential problems of a similar nature.
Best regards,
Niall O'Reilly
University College Dublin IT Services
(just a ferry-ride away!)
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
