Getting really offtopic now (especially since the DNS seems to work
again), but...
Bill Moran wrote:
Edwin Mons <[EMAIL PROTECTED]> wrote:
[snip]
...and, ofcourse, any certified admin of any kind should know that it is
not advised to run your pri and secondary nameservers from the same subnet.
This is a bit off topic, but ...
This argument falls in to the same class as the secondary MX argument (IMHO).
A 2nd MX is good for one reason: you have control over how long mail is
stored if your primary server is down. Not a must if you trust foreign
mailhosts to try and resend your mail long enough if the pri is down.
If there is only 1 WWW server, and it's on the same subnet as the DNS server,
then what good does a DNS server on a different subnet do? If the network
that the WWW server is on goes down, the system is still inaccessable, even
if the DNS resolves.
I'm not the only one who holds this opinion, but it does seem like a lot of
folks disagree on this point.
Mail tends to get lost if an MX record for a domain isn't found... There
are other reasons for trying to have at least one DNS server available,
even if your own infrastructure fails. Hosts under your domain that
aren't in that subnet are one... Being able to know what the IP is of
the host you want to reach is another (i.e. different errors for
end-users, some of who are even cluefull enough to understand the
difference!) There are reasons why secondaries are required for most
TLDs... Been administrating complex networks and domains for long enough
now to know that a secondary can really help you when the shit hits the
fan.. Redundancy is what keeps the internet from falling apart.
Just my €0.02...
Edwin Mons
_______________________________________________
BSDCert mailing list
[email protected]
http://lists.nycbug.org/mailman/listinfo/bsdcert
