On 10/25/18 2:34 PM, N6Ghost wrote:
I want to move a core namespace to the load balancer but i want them to let me assign them a new zone thats internally authoritative and use it as the LB domain.which would be: cname name.domain.com -> newname.newzone.domain.com they want: cname name.domain.com -> newname.oldzone.domain.com old zone is directly delagated from outside to them so we need an internal forward zone for it. i dont want to rely on that.
Can I ask why you don't like forwarded zones?Is it a possibility to slave the zone off of them instead of forwarding to them?
any thoughts on this? what can i use to present to management to win this?
I think it comes down to pros and cons of each: existing zone + forwarders vs new zone.
IMHO it's perfectly fine to have dislikes. You just need to be able to explain them and / or set them aside if someone explains their position better.
next, we where a bind shop but switched to infoblox for some stuff and now out grew it. and are going back to bind. but we started using the dns firewall part of it and they actually really liked it. any ideas for domain blacklisting? via some sort of feed etc? what is everyone doing for that sort of thing?
Response Policy Zone(s) are what you want. I thought that's how Infoblox did it themselves. Maybe they were using the newer Response Policy Service. - It's my understanding that the RPS API is open and documented. It's just that there aren't any Open Source / free RPS services.
IMHO: RPS is similar to milter for Sendmail or WCCP for caching proxies. -- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users