I'm going to try slaves like so
If I setup slave zones like so on 192.168.1.1
zone "domainA" IN { type slave; masters { 192.168.2.1; }; file
"db.domainA"; };
zone "domainB" IN { type slave; masters { 192.168.3.1; }; file
"db.domainB"; };
and in 192.168.2.1 and 192.168.3.1
in options
notify yes;
also-notify { 192.168.1.252; };
allow-transfer { 192.168.1.252; };
On Wed, Jul 27, 2016 at 1:11 PM, <wbr...@e1b.org> wrote:
> > From: Jeff Sadowski <jeff.sadow...@gmail.com>
>
> > On the samba mailing list they described setting up the DC as the NS
> > and forward to another machine for more rules.
> > This will work fine for one domain. Now lets say I have 2 domains.
> >
> > If I setup forwarders like so on 192.168.1.1
> >
> > zone "domainA" IN { type forward; forward only; forwarders { 192.
> > 168.2.1; }; };
> > zone "domainB" IN { type forward; forward only; forwarders { 192.
> > 168.3.1; }; };
> >
> > It will cache entries for each domain and if a computer gets a
> > different address for dhcp it will update on the domain's DNS but
> > the dns on 192.168.1.1 will have a cached entry untill it expires.
> >
> > 192.168.2.1 and 192.168.3.1 are setup to forward all other zones
> > than their domain names to 192.168.1.1
>
> Your Domain Controllers should be the DNS servers for any computer in that
> domain. Forward any other queries to a recursive server (192.169.1.1?)
> which may or may not be authoritative for other domains.
>
> > if I have DNS server set for all machines in domainA to 192.168.2.1
> > all machines on domainA see any DNS changes to domainA imediately
> > machines on domainB are cached and can take time to clear out.
> > And
> > if I have DNS server set for all machines in domainB to 192.168.3.1
> > all machines on domainB see any DNS changes to domainB imediately
> > machines on domainA are cached and can take time to clear out.
>
> Yep, thats how it works.
>
> > What is the best way to resolve this issue?
>
> Short TTLs in your domain controller DNS.
>
> ------------------------------
>
>
> * Confidentiality Notice: This electronic message and any attachments may
> contain confidential or privileged information, and is intended only for
> the individual or entity identified above as the addressee. If you are not
> the addressee (or the employee or agent responsible to deliver it to the
> addressee), or if this message has been addressed to you in error, you are
> hereby notified that you may not copy, forward, disclose or use any part of
> this message or any attachments. Please notify the sender immediately by
> return e-mail or telephone and delete this message from your system.*
>
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
