Re: FreeBSD Security Advisory: FreeBSD-SA-01:18.bind
From: sthaug@nethelp.no
Date: 02/01/01
- Next message: Cliff Sarginson: "Re: sendmail vs. postfix question"
- Previous message: Andre Hall: "Re: sendmail vs. postfix question"
- Maybe in reply to: FreeBSD Security Advisories: "FreeBSD Security Advisory: FreeBSD-SA-01:18.bind"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: dillon@earth.backplane.com From: sthaug@nethelp.no Date: Thu, 01 Feb 2001 16:09:21 +0100
> Umm... respectfully, you are not configuring your system correctly
> if the down time affects you.
>
> This is what we did at BEST:
...
> * Three machines running named, non-recursive, ONLY used to serve
> primary and secondary zones. At least 20,000 zones, dup'd to each
> box.
>
> We updated the primary DNS boxes four times a day. We updated the boxes
> one at a time, so at any given moment only one was 'down'.
>
> The DNS protocols handle the rest. It's perfectly acceptable for a
> primary NS to be down as long as other primary NS's are up.
And that's where we like to keep the servers running - even if they are
running non-recursive, and (of course!) there are several servers for
each zone. Thus we prefer ndc reconfig/reload (and HUP before that was
available).
Steinar Haug, Nethelp consulting, sthaug@nethelp.no
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Cliff Sarginson: "Re: sendmail vs. postfix question"
- Previous message: Andre Hall: "Re: sendmail vs. postfix question"
- Maybe in reply to: FreeBSD Security Advisories: "FreeBSD Security Advisory: FreeBSD-SA-01:18.bind"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
