Re: Using different OS for Master and Slaves

2019-11-14 Thread Jan-Piet Mens 

give or take some kludgery in the scripts that manage the config files


as Warren pointed out, configuration management can go a long way in 
helping to get that set up; judicious use of templating, for instance, 
can actually produce configs for NSD, BIND, and Knot. :)


-JP
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Using different OS for Master and Slaves

2019-11-13 Thread Warren Kumari 
On Thu, Nov 14, 2019 at 4:58 AM Barry Margolin  wrote:
>
> In article ,
>  Reindl Harald  wrote:
>
> > Am 12.11.19 um 14:00 schrieb G.W. Haywood via bind-users:
> > > Hi there,
> > >
> > > On Tue, 12 Nov 2019, Mundile wrote:
> > >
> > >> Is it good idea and possible to create Master and Slaves nameservers
> > >> using different OSes.
> > >> For example , Master OS =Centos 7 and Slaves Os=Ubuntu 18 or  Windows
> > >> 2016
> > >
> > > It depends on whether or not you enjoy pain
> >
> > there shouldn't be any pain from a technical point of view and there is
> > one security case which could be solved with mixing:
>
> I suspect the pain he was referring to is not really DNS-specific, but
> just due to having to manage servers with different operating systems.
> This means using a more diverse set of management tools, different
> configuration syntax, etc.

Yes -- and as a meta-comment -- using configuration management tools
(Ansible, Puppet, Chef, Salt, etc etc) makes this sort of thing *much*
easier. It;s slightly more work to setup / configure initially, but
especially if you are dealing with multiple nameservers or operating
systems, the level of abstraction you get and / or clear location for
the changes you've made makes a world of differnce.
Just like adding unittests, it initially seems like a lot of faff for
an unclear advantage (other than hipster cred), but once you've gotten
into the habit you quickly understand why it's worth it...

W

>
> --
> Barry Margolin
> Arlington, MA
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
> from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Using different OS for Master and Slaves

2019-11-13 Thread John Levine 
In article  you write:
>I suspect the pain he was referring to is not really DNS-specific, but 
>just due to having to manage servers with different operating systems. 
>This means using a more diverse set of management tools, different 
>configuration syntax, etc.

I have masters running NSD on FreeBSD and a slave running bind on
linux.  It's not unduly hard to manage, give or take some kludgery in
the scripts that manage the config files, but that's because NSD is
different from bind, not because FreeBSD is different from linux.

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Using different OS for Master and Slaves

2019-11-13 Thread Barry Margolin 
In article ,
 Reindl Harald  wrote:

> Am 12.11.19 um 14:00 schrieb G.W. Haywood via bind-users:
> > Hi there,
> > 
> > On Tue, 12 Nov 2019, Mundile wrote:
> > 
> >> Is it good idea and possible to create Master and Slaves nameservers
> >> using different OSes.
> >> For example , Master OS =Centos 7 and Slaves Os=Ubuntu 18 or  Windows
> >> 2016
> > 
> > It depends on whether or not you enjoy pain
> 
> there shouldn't be any pain from a technical point of view and there is
> one security case which could be solved with mixing:

I suspect the pain he was referring to is not really DNS-specific, but 
just due to having to manage servers with different operating systems. 
This means using a more diverse set of management tools, different 
configuration syntax, etc.

-- 
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Using different OS for Master and Slaves

2019-11-12 Thread Reindl Harald 


Am 12.11.19 um 14:00 schrieb G.W. Haywood via bind-users:
> Hi there,
> 
> On Tue, 12 Nov 2019, Mundile wrote:
> 
>> Is it good idea and possible to create Master and Slaves nameservers
>> using different OSes.
>> For example , Master OS =Centos 7 and Slaves Os=Ubuntu 18 or  Windows
>> 2016
> 
> It depends on whether or not you enjoy pain

there shouldn't be any pain from a technical point of view and there is
one security case which could be solved with mixing:

a zero day exploit: when both nameservers for a domain are running
different software it's not that easy to shut down the whole domain with
two packets
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Using different OS for Master and Slaves

2019-11-12 Thread G.W. Haywood via bind-users 

Hi there,

On Tue, 12 Nov 2019, Mundile wrote:


Is it good idea and possible to create Master and Slaves nameservers using 
different OSes.
For example , Master OS =Centos 7 and Slaves Os=Ubuntu 18 or  Windows 2016


It depends on whether or not you enjoy pain.


Sent from Mail for Windows 10

-- next part --
An HTML attachment was scrubbed...
URL: 



Perhaps you do.

--

73,
Ged.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Using different OS for Master and Slaves

2019-11-12 Thread sthaug 
> Is it good idea and possible to create Master and Slaves nameservers using 
> different OSes.
> For example , Master OS =Centos 7 and Slaves Os=Ubuntu 18 or  Windows 2016

I guess that depends on what you want to achieve.

If you want maximum diversity you might want to use different OSes
*and* also different name server software for master and slave.

Steinar Haug, Nethelp consulting, sth...@nethelp.no
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Using different OS for Master and Slaves

2019-11-12 Thread Reindl Harald 


Am 12.11.19 um 12:24 schrieb Mundile:
> Is it good idea and possible to create Master and Slaves nameservers
> using different OSes.
> 
> For example , Master OS =Centos 7 and Slaves Os=Ubuntu 18 or  Windows 2016

surely, zone transfers are working over a network protocol no matter
what software or operating system is running the master

as long both sides implement the protocl corretly it has to work
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Using different OS for Master and Slaves

2019-11-12 Thread Mundile 
Is it good idea and possible to create Master and Slaves nameservers using 
different OSes.
For example , Master OS =Centos 7 and Slaves Os=Ubuntu 18 or  Windows 2016

Sent from Mail for Windows 10

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users