Views are like any advanced technology or technique in IT: if understood
and used properly, they can be a big benefit; poorly understood and/or
implemented, they can create a huge, unsupportable mess.
I try to keep the number of views to a minimum, but given the complexity
I have to deal with, some of my named.conf's have as many as 7 views
(most of which are "temporary", since we're always in the middle of
migrating and/or sundowning something or another).
For some of us, virtual instances cost visible bucks from our service
provider, but views cost only extra support time, which is lumped in
with a bunch of other support costs, and is thus not "visible".
Sometimes it matters -- to beancounters -- whether something is broken
out as a line item or not...
- Kevin
On 1/2/2014 10:37 AM, Alan Clegg wrote:
On Jan 2, 2014, at 9:19 AM, wbr...@e1b.org wrote:
Use views
Views +1
When were views added to BIND? We started using using multiple servers in
BIND 4, and I don't recall views being available back then, but I didn't
configure the servers, just maintained the zones.
We're still using multiple servers for internal vs. external resolution.
Views have been in bind "for all recent history".
I've watched this thread and have been biting my tongue as long as I could.
I'm a proponent of separating servers and NOT using views, as any of you that
have taken a class that I've taught will attest.
I've seen too many problems over the years that have been caused by incorrect
maintenance of both data feeding the views and goofs in the mechanisms making
sure that the correct view is made available to the correct slave servers (and
clients).
With today's hardware (virtualization, etc) it's not very expensive to build
out new servers. Separate the services and you remove lots of the little
prickly points that will cause you pain as the complexity of your
infrastructure grows (and as you hand off to the 'next generation' of
maintainers).
I'm actually more a proponent of creating an architecture that doesn't NEED
differentiated data, but there aren't a lot of places implementing DNS / naming
structures on green-fields these days.
AlanC
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
