I recommend a highly secured master that is not queried by any clients (preferably in a network/vlan your clients can't even access)... then configure one-way zone transfers to 2 or more slave servers which you configure your clients to point to. Maintain your zone files in rcs of some sort... For IP control/delegation and DNS control/delegation I recommend IP Plan.
Of course bind is the 800lb gorilla in the DNS world... don't even think about putting DNS on windows.
I don't recommend any front ends being that a few hours well spent reading the docs and man pages will make you a dns expert in no time. Bind is very easy to learn and shouldn't take longer than an afternoon at best.
On Fri, Aug 14, 2009 at 4:17 PM, Hugh E Cruickshank hugh@forsoft.comwrote:
Hi All:
I am looking for some possible recommendations on the handling of our internal DNS services. First some background...
Until recently our entire network was located within a single facility with internal DNS services provided by our CentOS 4.7 (using BIND). While I had problems with DHCP/DNS communications it was basically working.
At the beginning of the month we moved the production servers (a couple of RHEL5.3 boxes with a Windows 2008 server) to a new facility connected to the old facility via a VPN. We are still running with our DevSys as the DNS server but I would like to make the two locations at least partially independent. I have been doing some research (probably enough to be really dangerous to myself<g>) and it looks like I need to setup a master/slave setup.
Here are my questions...
Is the BIND master/slave the appropriate approach?
Can I have each subnet be a master for itself and a slave for the
other subnet?
Any pointers to applicable docs/examples?
Can you recommend a "front end" for BIND (we have webmin installed
but I have yet to start working with it)?
Any and all thoughts, suggestions, criticisms gladly accepted.
TIA
Regards, Hugh
-- Hugh E Cruickshank, Forward Software, www.forward-software.com
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos