Re: Strange DNS request

Currently our primary DNS servers are using BIND 8.3.3. My goal is to
get them to BIND 9 this year; but they are internal and relatively
restricted.



We allow dynamic updates to both forward and reverse zones using an ACL
( allowing the DNS servers and AD Domain Controllers ) to do updates.
Since in AD the clients do the reverse DNS updates we restrict that to
the subnet via ACLs. The clients CANNOT update the primary zone so all
AD PCs are in another subordinate zone. The zone transfers and dynamic
updates do include the SRV records required for AD and DDNS.



Lamar



_____

From: IBM AIX Discussion List [mailto:aix-l@xxxxxxxxxxxxx] On Behalf Of
Fernandez Garay Jorge
Sent: Thursday, November 16, 2006 6:09 PM
To: aix-l@xxxxxxxxxxxxx
Subject: Re: Strange DNS request



Thanks for the help.



What version of BIND are running your slaves for de AD zone?

Are they getting the zone transfer from Windows DNS servers?

If yes, the zone transfer includes SRV records and the slaves

are processing those records??





Thanks again



Jorge



_____

De: IBM AIX Discussion List [mailto:aix-l@xxxxxxxxxxxxx] En nombre de
Lamar Saxon
Enviado el: Jueves, 16 de Noviembre de 2006 20:26
Para: aix-l@xxxxxxxxxxxxx
Asunto: Re: Strange DNS request

I run the master DNS server for our primary zone and have my DNS servers
as a slaves to the AD DNS zone.



Later versions of BIND on AIX do support the SRV records of AD... I
know BIND 8 in AIX 4.3.3 supported it since we implemented AD at that
time.



Lamar



_____

From: IBM AIX Discussion List [mailto:aix-l@xxxxxxxxxxxxx] On Behalf Of
Fernandez Garay Jorge
Sent: Thursday, November 16, 2006 5:11 PM
To: aix-l@xxxxxxxxxxxxx
Subject: Strange DNS request





Has anyone in the List some experience (at least 2nd hand) about setting

an AIX DNS server as a slave server (or secondary Name Server) of a
Windows
DNS master server??

Is a request for a distributed subnet, with lot of PCs administered with
Microsoft's
Active Directory.

Though it sounds mad, I need to give a rather argued answer to NT Admin
fellows.

Has AIX DNS implementation, support for SRV Resource Records(Those for
Active
Directory)??
Documentation at hand only mention support for LDAP

Thanks in advance



Ing. Jorge A. Fernandez Garay
Administrador UNIX
Jefatura de Tecnologia y Comunicaciones
Gerencia de Sistemas

COTO CICSA





---COTO CICSA--------------------------------------------------------
Este mensaje es estrictamente confidencial. Puede contener informacin
amparada y protegida por el secreto profesional. Si Ud. ha recibido este
mensaje por error, por favor reenvelo inmediatamente a
postmaster@xxxxxxxxxxx y elimnelo permanentemente de su sistema. El
contenido de este mensaje no puede ser copiado ni divulgado a ninguna
persona. Muchas gracias.
---COTO CICSA--------------------------------------------------------
This message is strictly confidential. It may also be privileged or
otherwise protected by other legal rules. If you have mistakenly
received this message, please notify us by forwarding it to
postmaster@xxxxxxxxxxx and then delete it permanently from your system.
This message should not be copied or its contents disclosed to anyone.
Thank you.
---COTO CICSA--------------------------------------------------------
Privileged and Confidential. This e-mail, and any attachments there to,
is intended only for use by the addressee(s) named herein and may
contain privileged or confidential information. If you have received
this e-mail in error, please notify me immediately by a return e-mail
and delete this e-mail. You are hereby notified that any dissemination,
distribution or copying of this e-mail and/or any attachments thereto,
is strictly prohibited.



---COTO CICSA--------------------------------------------------------
Este mensaje es estrictamente confidencial. Puede contener informacin
amparada y protegida por el secreto profesional. Si Ud. ha recibido este
mensaje por error, por favor reenvelo inmediatamente a
postmaster@xxxxxxxxxxx y elimnelo permanentemente de su sistema. El
contenido de este mensaje no puede ser copiado ni divulgado a ninguna
persona. Muchas gracias.
---COTO CICSA--------------------------------------------------------
This message is strictly confidential. It may also be privileged or
otherwise protected by other legal rules. If you have mistakenly
received this message, please notify us by forwarding it to
postmaster@xxxxxxxxxxx and then delete it permanently from your system.
This message should not be copied or its contents disclosed to anyone.
Thank you.
---COTO CICSA--------------------------------------------------------

Relevant Pages

  • Re: DNS signature failed to verify error
    ... In our last we discussed the need for there to be a NS record for each DNS ... Under the zone domain.local there is a delegation _msdcs which only has one ... _msdcs.domain.local is configured the "Replicate to all DNS servers in the AD ... Thanks for the DCDiag syntax suggestion. ...
    (microsoft.public.windows.server.dns)
  • Re: DNS Zone Type
    ... There may be only one primary when the zone is on both ... Windows DNS and Bind. ... Microsoft MVP (Windows Server System: ...
    (microsoft.public.windows.server.dns)
  • Re: Setting up a FreeBSD gateway
    ... I'm getting ready to set up BIND for the first ... I don't know how to set up DNS. ... > Then you forward zone file for your "domain" as well as reverse zones ...
    (freebsd-questions)
  • Re: 2 Questions...
    ... In one post you asked about the value of the empty root. ... With a multi-domain forest one has a few choices for DNS ... One could use standard zone transfer to these, ... as already stated or by having the DNS servers of corp forward to ...
    (microsoft.public.windows.server.dns)
  • Re: Question re: DNS forwarding best practices
    ... change rate of the root DNS zone's content. ... to a primary of the zone, so hopefully you have at least one ... as the case might allow) to the DNS servers of the root. ...
    (microsoft.public.windows.server.dns)