[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Zone Transfers
- Subject: Re: [cobalt-users] Zone Transfers
- From: flash22@xxxxxxx
- Date: Fri Mar 23 23:06:27 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Sat, 24 Mar 2001 baltimoremd@xxxxxxxxxxxxxxx wrote:
> On Fri, 23 Mar 2001 rpaiz@xxxxxxxxxxxxxx wrote:
>
> > > Hmmmm, when you setup the SOA for a domain in the DNS, you have
> Somehow I think zone transfers is the approach. But to be safe, one might
> have to deny all and then specify which ones to allow.
>
> I don't know exactly how it works, but I believe that's the option...
> One system(slave) polls the other(master) for the zone information
Thom, you are missing the point -/
Zone transfers are what you want of course, but the secondary/slave has
to be told which zones it is a slave for, name by name in the config file,
this part isn't automatic,for good reasons, (eg, i could just tell your
nameserver to read zones from me and be a slave without your permission if
it was willing to do that:)
Generally to do this isp's either have some way for the other party to
email or ftp the needed information to the machine to add zone names to
the list of zones that the secondary should be asking for (via zone
transfers , which only read the *contents* of the zone)
Also it's a good idea to check that the other master isn't accidently (or
on purpose) sending secondary zone info for a zone that the secondary is
in fact supposed to be a master for....thereby stealing the one ;) This is
annoyingly easy to do by accident if both machines are swapping
secondaries for each others master zones...
You can certainly add the secondary zones one by one via the gui, but that
requires the owner of the machine to do it , so you have to bug them each
time you want to add a zone, and it's rather tedious to do, say 200 zones
that way -/
gsh