[CentOS] DNS Server Recommendations

Mon Aug 17 01:17:09 UTC 2009
Chuck <chuck.carson at gmail.com>

I recommend a highly secured master that is not queried by any clients
(preferably in a network/vlan your clients can't even access)... then
configure one-way zone transfers to 2 or more slave servers which you
configure your clients to point to. Maintain your zone files in rcs of some
sort... For IP control/delegation and DNS control/delegation I recommend IP
Plan.

Of course bind is the 800lb gorilla in the DNS world... don't even think
about putting DNS on windows.

I don't recommend any front ends being that a few hours well spent reading
the docs and man pages will make you a dns expert in no time. Bind is very
easy to learn and shouldn't take longer than an afternoon at best.


On Fri, Aug 14, 2009 at 4:17 PM, Hugh E Cruickshank <hugh at forsoft.com>wrote:

> Hi All:
>
> I am looking for some possible recommendations on the handling of our
> internal DNS services. First some background...
>
> Until recently our entire network was located within a single facility
> with internal DNS services provided by our CentOS 4.7 (using BIND).
> While I had problems with DHCP/DNS communications it was basically
> working.
>
> At the beginning of the month we moved the production servers (a couple
> of RHEL5.3 boxes with a Windows 2008 server) to a new facility connected to
> the old facility via a VPN. We are still running with our DevSys as
> the DNS server but I would like to make the two locations at least
> partially independent. I have been doing some research (probably
> enough to be really dangerous to myself<g>) and it looks like I need
> to setup a master/slave setup.
>
> Here are my questions...
>
> 1. Is the BIND master/slave the appropriate approach?
>
> 2. Can I have each subnet be a master for itself and a slave for the
>   other subnet?
>
> 3. Any pointers to applicable docs/examples?
>
> 4. Can you recommend a "front end" for BIND (we have webmin installed
>   but I have yet to start working with it)?
>
> Any and all thoughts, suggestions, criticisms gladly accepted.
>
> TIA
>
> Regards, Hugh
>
> --
> Hugh E Cruickshank, Forward Software, www.forward-software.com
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20090816/d582201e/attachment-0004.html>