Re: putting several master DNS hosts behind a vip

2015-12-09 Thread Grant Taylor
On 12/09/15 16:32, blrmaani wrote: I would like to put 4 DNS masters behind a vip and have several slaves doing the zone transfer from the VIP-IP. Is this normal? I don't know that I would consider this normal per say. I'm assuming that you are talking some sort of network load balancer, i.e

RE: About query response on a view

2015-12-09 Thread Darcy Kevin (FCA)
Well, there some things that are not clear from your message: A) when you do your "dig", what is your source address, what is your destination address, and what is your match-clients ACL for the internal view? These values have a bearing on what view you're going to match. Seems like you're mat

putting several master DNS hosts behind a vip

2015-12-09 Thread blrmaani
Hi, I would like to put 4 DNS masters behind a vip and have several slaves doing the zone transfer from the VIP-IP. Is this normal? The usual approach is to have slaves getting zone transfers from multiple masters. What is the disadvantage of having slaves using just the vip and have all mast

Re: About query response on a view

2015-12-09 Thread Mark Elkins
If you ever want to do DNSSEC - you are going to have a problem. If possible - have two different servers, one for inside, one for outside. This could be: (1) Two different machines (2) One machine - virtualised - each of the two virtual machines logically like (1) (3) One machine with two IP add

Re: About query response on a view

2015-12-09 Thread Barry S. Finkel
Okan Bostan wrote: Hello List, We are planning to migrate to Bind dns, I'm a bit newbie. In our design we have two views; int and ext. As internal view, recursion is on and we have our internal zones & forwarders. I have no problem with internal view. In external view, recursion in no. Also

Re: About query response on a view

2015-12-09 Thread Eray Aslan
On Wed, Dec 09, 2015 at 09:11:28AM +, Okan Bostan wrote: > As internal view, recursion is on and we have our internal zones & > forwarders. I have no problem with internal view. Do try and separate authoritative and recursive servers in your environment. > But in our existing DNS enviroment,

About query response on a view

2015-12-09 Thread Okan Bostan
Hello List, We are planning to migrate to Bind dns, I'm a bit newbie. In our design we have two views; int and ext. As internal view, recursion is on and we have our internal zones & forwarders. I have no problem with internal view. In external view, recursion in no. Also have some zones. In te