Chris Thompson wrote:
On Oct 30 2009, Michael Hare wrote:
For those of us that are still running auth and recursive on the same
IP, I believe the benefit would be to deploy a best practices
recursive only nameserver on a different machine/IP address without
getting, in my case, possibly hundreds of thousands of clients to
change their DNS resolver IP address.
Put the authoritative-only nameservers at the new IP addresses, keeping
the recursive ones at the original IP addresses.
Been there, done that!
Well, except then you need to update all of your delegations. That can
not only be an administrative hassle, but can also get very expensive,
especially if you have hundreds of them in ccTLDs, where you have to pay
your "in-country agent" a fee for every registry change. It's quite a
racket.
- Kevin
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users