On 02.02.10 14:25, Rob Tanner wrote: > We have two registered name servers to answer internet queries. One is on > site and the other is a service of our ISP. The problem is that every once > in a while the secondary server doesn¹t successfully complete zone transfers
Ha! a problem! - check why it's that often unable to complete transfers. - what kind of transfers are they? Your domain(s)? What about resolving internet domains? > and the data expires. Another problem! zone should expire some time after unability to fetch new one. If that happend "every once in a while", then there's something broken with the zone - ordinary zones should have expire times 1-4 weeks. > I¹m not sure what technically how the server answers > when queried for addresses it no longer thinks are valid, but even after > it¹s fixed it takes a while for the bad data to go away. Away from where? if server has a zone configured, it should only provide the date in zone, not any cached data. > What I¹m wondering > is, what are the consequences of simply not using the secondary server. you won't be able to resolve if your primary fails. > Right now we are looking at hardened appliances configured into a high > availability cluster and I figure the pipe to the outside has a high > likelihood of going down then does the cluster. So, if name servers out in > the internet can¹t even reach our server because our connection is down, is > that something that also propagates and get¹s cached (i.e. Is no data > treated the same as bad data by upstream bind servers? No. However I'd focus on problems of your secondary server. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Quantum mechanics: The dreams stuff is made of. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users