On Apr 23, 2008, at 17:27 , Sanjay Akula wrote:
> I have a question on DNS, Is it better to be DNS on Global-zone  
> rather than
>    in localzone?
>    I would like to know the pros and cons of DNS to be in global  
> zone than
>    local zone. Pl. suggest me
Well the answer is very straightforward (at least for me). DNS is a  
service that doesn't require the global zone, so it is better in a non- 
global zone. We run all of our DNS servers in non-global zonse.  
Especially for security this is a good thing, as well known DNS  
servers have security vulnerabilities form time to time. In the case  
of a non global zone only the zone is compromised and the attacker  
can't penetrate as deep as he could in a global zone.

So long

zones-discuss mailing list

Reply via email to