[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] How to use .include file to add secondary dns
- Subject: Re: [cobalt-users] How to use .include file to add secondary dns
- From: josh <josh@xxxxxxxxxxxxxxxxxx>
- Date: Fri May 24 19:22:29 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On Fri, May 24, 2002 at 01:06:37PM -0700, Jeff Lasman wrote:
> josh wrote:
>
> > My understanding that I should really have at least three entries
> > below.
>
> According to who? None of the DNS books I've ever read recommend at
> least three.
Albitz and Liu in DNS an BIND (my somewhat old copy) don't seem to
address the problem directly. If that is the book you read on DNS, all
I can say is it is a good choice, but not a good book to answer the
question of how many secondaries you need.
In answer to your question ("According to who") I believe I can safely
say the Internet Engineering Task Force, almost every book I have ever
seen and every administrator I have ever spoken with says that two
secondaries is the minimum. As my RaQ is a primary, then two
primaries and one secondary make three. See below for quotes -- the
Cobalt Inteface clearly is making conventional good practice
impossible.
My favorite book on Unix System Administration, _UNIX System
Administration Handbook_ by Evi Nemeth and a slew of other people
states:
"The master server should be located on a machine that is stable, does
not have many users, is relatively secure, and perhaps in on an
uninterruptible power supply. There should be at least two slaves, one
of which if off-site. On-site slaves should live on different networks
and different power circuits. When name service stops, all normal
network access stops, too."
For guidance you might also look at RFC 2182:
* 2182: Selection and Operation of Secondary DNS Services.
Particularly section 5
5. How many secondaries?
The DNS specification and domain name registration rules require at
least two servers for every zone. That is, usually, the primary and
one secondary. While two, carefully placed, are often sufficient,
occasions where two are insufficient are frequent enough that we
advise the use of more than two listed servers.
...
It is recommended that three servers be provided for most
organisation level zones, with at least one which must be well
removed from the others. For zones where even higher reliability is
required, four, or even five, servers may be desirable.
>
> We have two one one of our domains, five on another. We usually give
> clients two nameservers.
>
> > That is, I'm the primary and there should be at least two
> > secondaries; properly I should have the option of more than two
> > secondaries.
>
> You do, if/when you do DNS by hand. See the other replies for more
> details.
>
> > The web interface is in error by only providing a space
> > to add one primary and one secondary nameserver.
>
> One of each is perfectly serviceable.
>
> > Can I use a .include file to add another secondary??
>
> I wouldn't mess with the files created by the gui; they're completely
> rewritten every time you click on "save changes", even if all you
> changed was another domain's DNS.
>
> But you might try creating a manual record in the /etc/named/records
> file and see if it lasts through changes.
>
> Be sure to make a backup first, in case it crashes your dns.
>
> Jeff
> --
> Jeff Lasman <jblists@xxxxxxxxxxxxx>
> Linux and Cobalt/Sun/RaQ Consulting
> nobaloney.net
> P. O. Box 52672, Riverside, CA 92517
> voice: (909) 778-9980 * fax: (702) 548-9484
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
--
Josh Kuperman
josh@xxxxxxxxxxxxxxxxxx