
List:       linux-server
Subject:    Re: BIND: Primary AND Secondary DNS on one box?
From:       Brian Candler <B.Candler () POBOX ! COM>
Date:       1999-04-27 23:12:29

> My question is can I configure
> the system to be a primary AND a secondary DNS server (the secondary would
> be a virtual address)?

If you are running BIND 4.x, it will accept queries on all the interfaces
which are configured on that box. So if you set up either a primary or
secondary zone, it will respond authoritatively on all those addresses.

With BIND 8.x, you can specify which particular interfaces (IP addresses)
you want it to listen on; you still have to ifconfig those virtual
interfaces first of course.

This is moderately pointless, since the whole reason for having a secondary
DNS server is to have something which answers queries in the event of the
primary failing (RFC 2182), and to do that properly it needs to be on a
diverse network connection in order to cope with network outages.

> If so, does Linux create additional files to facilitate the secondary DNS
> server, or
> does the secondary address just use the same resources as the primary?

(That's a BIND question of course, rather than Linux)

If you set it up as described above, a single copy of BIND can answer
queries on multiple interfaces. With BIND 8.x, in theory you could run two
copies of BIND on different interfaces with different configurations. I
can't see any reason why you'd want to :-)

[Someone else wrote:]
> Sometimes 'primary' DNS means the server that is
> listed first and that receives the bulk of the DNS queries, whereas
> 'secondary' servers are backups in case the primary fails.

The listed primary does not receive the bulk of the DNS queries; they all
receive equal load, due to the fact that the NS records are rotated (except
on ancient versions of BIND, and in that case both the cache making the
request _and_ the server answering the request would have to be running such
an ancient version for round-robin not to spread the load).

This does of course beg the question of why InterNIC ask you to list the
primary and secondaries separately for a zone. According to Randy Bush (who
is one of the authors of RFC 2182), there is no good reason for this.
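
Added example, not part of the original message: a small check for the point made above, that a secondary only helps if it sits on a different network connection from the primary. The nameserver names and addresses are constructed sample data, and treating a shared /24 (IPv4) or /48 (IPv6) as "same network" is an assumption of this sketch, not a rule from RFC 2182.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: nameserver name -> address (documentation ranges).
SAME_BOX = {"ns1.example.com": "192.0.2.10", "ns2.example.com": "192.0.2.11"}
DIVERSE = {"ns1.example.com": "192.0.2.10", "ns2.example.net": "198.51.100.53"}


def group_by_network(nameservers, v4_prefix=24, v6_prefix=48):
    """Group nameserver names by the network their address falls in.

    Assumption: a shared /24 or /48 is a rough stand-in for "same network
    connection". Passing this check does not prove real path diversity.
    """
    groups = defaultdict(list)
    for name, addr in nameservers.items():
        ip = ipaddress.ip_address(addr)
        prefix = v4_prefix if ip.version == 4 else v6_prefix
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        groups[str(net)].append(name)
    return dict(groups)


def diversity_findings(nameservers):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    if len(nameservers) < 2:
        findings.append("fewer than two nameservers listed")
        return findings
    groups = group_by_network(nameservers)
    if len(groups) == 1:
        net = next(iter(groups))
        findings.append(f"all nameservers are in {net}: one outage affects every server")
    # Two names on one address is the "virtual secondary" with no redundancy at all.
    by_addr = defaultdict(list)
    for name, addr in nameservers.items():
        by_addr[str(ipaddress.ip_address(addr))].append(name)
    for addr, names in by_addr.items():
        if len(names) > 1:
            findings.append(f"{', '.join(names)} share address {addr}")
    return findings


if __name__ == "__main__":
    for label, zone in (("same box", SAME_BOX), ("diverse", DIVERSE)):
        print(label, diversity_findings(zone) or "no findings")
```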
