[Pdns-users] Migration to PowerDNS from Bind 9.7
asankag at talkup.com.au
Thu Nov 15 01:25:44 UTC 2018
Welcome aboard. I'm also new to PDNS and only an expert of few months :)
>From the info you provided everything seems to be good. Someone with higher understanding will chime in if there's something wrong with it :)
Assuming your Auth DNS servers are only serving private internal zones/domains, you can use the following setup to consolidate resources instead of having to run separate instances:
What I did was have 1 master and 2x slave (replication via mysql back-end) Auth servers. Master is only accessible via management IP and only used to configure DNS entries. Replication is also handled via management IP addresses for security and is setup as a one-way sync (master->slave). Only slaves are visible others in the organisation.
Both slaves are configured with Auth DNS + Recursor as per the Scenario 1 of the above link.
Hope this helps.
On 15/11/2018 6:29:58 AM, Ian Easter <ieaster at telvue.com> wrote:
As many before me, I have inherited a network infrastructure that is showing its age. First order is to update the self-hosted DNS servers. This is new territory for me, so I get the opportunity to learn as I progress in the endeavor.
Right now it is 1 BIND Master and 2 BIND Slaves and they provide DNS for our local office as well as a remote Colo. They handle the Private Internal Zones we have as well as directing requests for public internet resolution. At least, I believe that to the best summary of how they're performing.
I have a test environment setup currently and everything looks to be running smoothly. My question is geared toward verifying if I understood the overall functions correctly and have things configured as it should be (optimally).
I have PDNS Recursor sitting as the front for all of the DNS requests so they may be resolved for public websites/access and I have the `forward-zones` option set to forward all requests to the Authoritative and Slave PDNS Servers for our private internal domains. So Recursor is getting all requests, private zone/domain requests are forwarded to the Authoritative server and all others are obtained externally.
Is this the proper setup or is there a way that the Authoritative DNS Server would need to be configured to manage requests in this fashion?
_______________________________________________ Pdns-users mailing list Pdns-users at mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
This email has been checked for viruses by Avast antivirus software.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Pdns-users