On 04.06.13 13:42, Alan Shackelford wrote:
We have 2843 authoritative zones. We run a split brain DNS. The new hospitals and other entities need to see our internal zone view once they have "joined". So I have them forward queries during the early stages of the merger, until I can get control of their DNS and make appropriate changes. There are fatherhood issues and all manner of ego problems involved in absorbing someone else's DNS. This step provides a workable solution in the very first stages. Then I make them slaves, with a reasonable expire time, to give them a copy of the data locally.
As I see it, the solution is still the same: shorten required TTLs and/or fix transferring. They apparently needed to be listed as NS in their domains so they will get the NOTIFY and retransfer. If they are not in NS records, shorten the SOA refresh/retry times. Simply, resubmitting a query after NXDOMAIN is received is an ugly hack and violates the DNS principles. The problem must be solved by DNS tools. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. BSE = Mad Cow Desease ... BSA = Mad Software Producents Desease _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
