On Apr 23, 2008, at 17:27 , Sanjay Akula wrote:
> I have a question on DNS, Is it better to be DNS on Global-zone
> rather than
> in localzone?
> I would like to know the pros and cons of DNS to be in global
> zone than
> local zone. Pl. suggest me
Well the answer is very straightforward (at least for me). DNS is a
service that doesn't require the global zone, so it is better in a non-
global zone. We run all of our DNS servers in non-global zonse.
Especially for security this is a good thing, as well known DNS
servers have security vulnerabilities form time to time. In the case
of a non global zone only the zone is compromised and the attacker
can't penetrate as deep as he could in a global zone.
zones-discuss mailing list