On 14/04/17 22:40, McDonald, Daniel (Dan) wrote:

> That works fine for test.example.com.  But when I go to production, I
> need to do it for example.com

As others have noted, you can't delegate a single record from the apex.

tl;dr - vendor specific, ask your GSLB vendor.

There are multiple solutions to this problem and most of them are (sadly) vendor-specific and certainly not anything to do with bind. You will probably want to speak to your GSLB vendor.

Briefly, you'll probably get told some combination of:

1. Replace your authoritative servers with our GSLB entirely, we'll magically rewrite the apex query when we receive it.

2. Put our GSLB servers in front of your authoritatives as a kind of reverse proxy, we'll magically blah

3. Don't use the zone apex, or have it be a simple/stateless redirect to www.example.com (often a branding/comms no-no)

4. Stick all the SLB IPs at the zone apex statically (or dynamically via e.g. script, DDNS, etc.)

5. Use an authoritative server which will magically do this for you e.g. it supports a pseudo-record like ANAME or similar.

Probably the only thing relevant to bind is option #4 (which we actually do). You could write a script that updates the zone apex A/AAAA records on a short schedule e.g. once a minute to keep it approximately "in sync" with the GSLB. Depending on what GSLB policies you're doing you might be able to replicate some of them (e.g. geo IP replies).
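
The core of an option #4 sync script, as an added example that is not part of the original post or of BIND: it compares the apex A/AAAA set with the addresses the GSLB currently returns and builds one `nsupdate` batch, refusing to act on an empty or implausible answer. The function name, the `127.0.0.1` server, the 60-second TTL and the `max_records` limit are assumptions; looking up both address sets (e.g. with `dig`) is left to the caller.

```python
import ipaddress

def _unpublishable(ip):
    """Addresses that must never be written to the zone apex."""
    return ip.is_loopback or ip.is_unspecified or ip.is_multicast or ip.is_link_local

def build_nsupdate(zone, current, desired, ttl=60, server="127.0.0.1", max_records=8):
    """Return an nsupdate batch that moves the apex A/AAAA set of `zone`
    from `current` to `desired`, or None if they already match."""
    apex = zone.rstrip(".") + "."
    # ip_address() raises ValueError on anything that is not an IP literal.
    cur = {ipaddress.ip_address(a.strip()) for a in current}
    want = {ipaddress.ip_address(a.strip()) for a in desired}
    if not want:
        # Failed or empty GSLB lookup: keep the last known-good records.
        raise ValueError("empty answer from GSLB; apex left unchanged")
    if len(want) > max_records:
        raise ValueError("unexpectedly large answer from GSLB")
    rejected = sorted(str(ip) for ip in want if _unpublishable(ip))
    if rejected:
        raise ValueError("refusing to publish: " + ", ".join(rejected))
    if cur == want:
        return None

    def order(ip):
        return (ip.version, int(ip))  # deterministic: IPv4 first, then numeric

    def rtype(ip):
        return "A" if ip.version == 4 else "AAAA"

    lines = [f"server {server}", f"zone {apex}"]
    # Adds and deletes share one "send", i.e. one UPDATE message, which the
    # server applies atomically (RFC 2136), so the apex is never left empty.
    for ip in sorted(want - cur, key=order):
        lines.append(f"update add {apex} {ttl} {rtype(ip)} {ip}")
    for ip in sorted(cur - want, key=order):
        lines.append(f"update delete {apex} {rtype(ip)} {ip}")
    lines.append("send")
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    # Constructed sample data (documentation address ranges).
    now = ["192.0.2.10", "192.0.2.11", "2001:db8::10"]
    gslb = ["192.0.2.11", "192.0.2.12", "2001:db8::10"]
    print(build_nsupdate("example.com", now, gslb), end="")
```

The returned text is meant to be piped to `nsupdate -k <keyfile>` so the update is TSIG-signed, with the zone's update policy restricted to that key; the key file path is a placeholder.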
