[CentOS] DNS Server Recommendations
Hugh E Cruickshank
hugh at forsoft.com
Thu Aug 20 18:29:01 UTC 2009
From: Chuck Sent: August 16, 2009 18:17
>
> I recommend a highly secured master that is not queried by any
> clients (preferably in a network/vlan your clients can't even
> access)... then configure one-way zone transfers to 2 or more slave
> servers which you configure your clients to point to. Maintain your
> zone files in rcs of some sort...
While I can agree with you suggestion in principal I think that this
might be overkill in our situation. We have a relatively small network
(6-8 servers, 15-20 workstations and maybe a dozen other types of
equipment). I our case I think we can get away with a master and a
slave DNS server running on existing servers.
> For IP control/delegation and DNS control/delegation I recommend IP
> Plan.
I had stumbled across this before but I will have a better look at it.
> Of course bind is the 800lb gorilla in the DNS world... don't even
> think about putting DNS on windows.
We are primarily a UNIX/Linux shop and I prefer not to use windows
for such services unless I absolutely must. There are services that
we require that only run on windows so we do have windows servers in
our mix.
> I don't recommend any front ends being that a few hours well spent
> reading the docs and man pages will make you a dns expert in no
> time. Bind is very easy to learn and shouldn't take longer than an
> afternoon at best.
I think I am going to have to disagree with you here. I have been
using BIND for several years. While I have spent many hours reading
docs and man pages I definitely would not classify myself as a DNS
expert. I know that I am of above average intelligence and maybe I
just have a "blind spot" when it comes to BIND (and it has been known
to happen) but I just do not find it as straight forward to learn
as you have. Then again I am getting "on in years" so that may be
a contributing factor as well.
Anyway, thank you very much for your comments and suggestions. They
are appreciated.
Regards, Hugh
--
Hugh E Cruickshank, Forward Software, www.forward-software.com
More information about the CentOS
mailing list