On 02.12.12 18:10, Paul Romano wrote:
> Thanks for the correction on the term TTL instead of timer.  The engineer I
> inherited this environment from has the refresh set to 40 minutes and the
> zone expiration set to 2 hours.  The explanation I got was that since we
> are authoritative for AD we want to ensure that some kind of scavenging is in
> place.

... and if your primary server(s) fail for 2 hours, your zone will stop
working.

> Your explanation suggests that the refresh time is strictly
> survivability and will not force an update if the serial numbers do not
> increment enough to implement the refresh.

That is how DNS works. The problem with Microsoft DNS servers and AD is that
they do not follow this standard.

> Am I stating this correctly?  Any suggestions?

according to what I know, use 2-3 AD servers and keep DNS on them.
Just make sure they will not fail at the same time...


If anyone has better info on how Microsoft AD servers work with DNS, just
let us know...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Windows found: (R)emove, (E)rase, (D)elete
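
The refresh and expire behaviour discussed in this message, as an added example that is not part of the original post: a small simulation of a standard (RFC 1034/1035 style) secondary using the thread's 40-minute refresh and 2-hour expire. The 600-second retry, the outage windows and the serial bump time are assumptions; AD-integrated replication is not modelled and serial wraparound is ignored.

```python
TRANSFER, UNCHANGED, UNREACHABLE, EXPIRED = (
    "transfer", "serial unchanged, no transfer",
    "primary unreachable", "zone expired on secondary")

def secondary_timeline(refresh, retry, expire, outage, bumps, horizon):
    """Return [(seconds, event)] for one secondary of a zone.

    outage  -- (start, end): interval in which the primary is unreachable
    bumps   -- times at which the primary's SOA serial is incremented
    horizon -- stop simulating after this many seconds
    """
    events, local_serial, last_ok, expired = [], 0, 0, False
    next_check = refresh
    while next_check <= horizon:
        # Expire counts from the last successful contact with the primary.
        if not expired and last_ok + expire <= next_check:
            events.append((last_ok + expire, EXPIRED))
            expired = True
        t = next_check
        if outage[0] <= t < outage[1]:
            events.append((t, UNREACHABLE))
            next_check = t + retry        # failed check: retry interval
            continue
        primary_serial = sum(1 for b in bumps if b <= t)
        if primary_serial > local_serial or expired:
            events.append((t, TRANSFER))  # only a higher serial triggers a transfer
            local_serial = primary_serial
        else:
            events.append((t, UNCHANGED))
        last_ok, expired, next_check = t, False, t + refresh
    if not expired and last_ok + expire <= horizon:
        events.append((last_ok + expire, EXPIRED))
    return events

if __name__ == "__main__":
    # Thread values: refresh 40 min, expire 2 h. Constructed scenario:
    # serial bumped at t=1000 s, primary down from t=3000 s to t=11000 s.
    for when, what in secondary_timeline(2400, 600, 7200, (3000, 11000),
                                         [1000], 14000):
        print(f"{when:>6}s  {what}")
```
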