Re: One question about 'Stealth servers'
On 24.07.14 10:38, 许腾 wrote: As a beginner of BIND, I'm writing to ask one question about 'Stealth servers'. To avoid the access failures arising from the broken down of Authoritative Name servers, I'd like to run Stealth servers as back up. My question is how could I set the Stealth servers as non-priority so that these Stealth servers could not be accessed unless the Authoritative Name servers are broken down? The 'forward' configuration item could set the servers as priority, is there another configuration item could do the contrary thing? Looking forward to your reply! In what way are you going to use those stealth servers? If your recursive nameservers use ordinary resolution, they will never use stealth servers. If you point all stealth zones on your recursive servers to any servers, they will be used in semi-random order, not as primary-backup. If you load the zones on your recursive nameservers, they will use it locally. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. REALITY.SYS corrupted. Press any key to reboot Universe. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: One question about 'Stealth servers'
I know of no way to do this within BIND itself, but if you Anycast your nameservers, and carefully tweak route preferences and whatnot, you could ensure that some instances (call it set A) only get used if all of the members of another set of instances (call it set B) stop advertising the route(s). Of course, that only works if the box is sufficiently down that it stops advertising the route(s). Other failure modes (e.g. zone expired, misconfigured, busying out, nameserver process dead) wouldn't necessarily trigger failover at the routing level. If you want finer control, you'd probably have to use a dedicated load-balancer-type device. - Kevin On 7/23/2014 10:38 PM, 许腾 wrote: Dear all, As a beginner of BIND, I'm writing to ask one question about 'Stealth servers'. To avoid the access failures arising from the broken down of Authoritative Name servers, I'd like to run Stealth servers as back up. My question is how could I set the Stealth servers as non-priority so that these Stealth servers could not be accessed unless the Authoritative Name servers are broken down? The 'forward' configuration item could set the servers as priority, is there another configuration item could do the contrary thing? Looking forward to your reply! Best wishes, Teng ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
One question about 'Stealth servers'
Dear all, As a beginner of BIND, I'm writing to ask one question about 'Stealth servers'. To avoid the access failures arising from the broken down of Authoritative Name servers, I'd like to run Stealth servers as back up. My question is how could I set the Stealth servers as non-priority so that these Stealth servers could not be accessed unless the Authoritative Name servers are broken down? The 'forward' configuration item could set the servers as priority, is there another configuration item could do the contrary thing? Looking forward to your reply! Best wishes, Teng ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users