IPv6 DNS Config Strategies
Florian Lohoff
f at zz.de
Thu Sep 20 11:11:45 CEST 2012
Hi,
On Thu, Sep 20, 2012 at 10:46:50AM +0200, Gert Doering wrote:
> (We use classic BIND zone files. If you run database based backends,
> the whole notion of "separate zones" only makes sense to keep zone transfer
> size down - in that case, "follow administrative boundaries and insert
> sub-zones if size requires it"...)
I have eliminated zone xfers in our own infrastructure by using a git
tree for DNS zones and doing a git pull to the authoritative nameservers
and all of them individually check out their trees (with tons of
syntax checking on checkin and checkout).
The git also contains all informations about zone ACLs, which
nameservers this zone should be loaded etc.
Zonetransfer by git+ssh.
Flo
--
Florian Lohoff f at zz.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 828 bytes
Desc: Digital signature
Url : http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20120920/c8bc6b9f/attachment.bin
More information about the ipv6-ops
mailing list