And yes, you can automate this with nsupdate to old and new catalog,
Brilliant, Petr, thank you.
I saw some of the loviest log messages this week during coo from k-catz to
t-catz:
zone t-catz/IN: transferred serial 10: TSIG 't'
catz: t-catz: reload start
catz: updating
Hi Jiaming.
You're welcome.
Personally I don't see why you want to obscure information about internal
zones, since they can't be reached from the Internet anyway.
Creating a dummy intermediate zone (an ENT - Empty Non-Terminal) may work,
but it seems to add complexity for no - or very little - ben
Hi Greg,
Thanks for the example given. I was trying to digest your answer, it seems it
would be better to have intermediate subdomain for the purpose. So it will be
site1.internal.example.com, site2.internal.example.com, etc. and thus only NS
records of internal.example.com can be visible and n
Hi,
a partial response:
> If it's possible, can anyone confirm zone transfers from master
> to slave would still work even if the servers ran different
> major versions?
Yes, "of course", because the details of that transfer is
specified by the DNS protocol standards.
Regards,
- Håvard
--
Vis
Hi, thanks for the reply.
There really is not much I can tell you about my parent zone. For now, I made
an exclusion with “validate-except” and everything seems to be working fine
both internally and externally.
Not sure about your first suggestion, as the top domain is also served
internally
Hi,
thank you Ondřej and Stacy, we'll start testing next week.
Kind regards,
David Bruha
Dne pátek 21. dubna 2023 10:03:26 CEST, Ondřej Surý napsal(a):
> Hi,
>
> I can confirm that it’s ok to skip 9.16 and go straight to 9.18. There’s no
> need for the intermediate step. As usual, it’s recommen
Would it make sense to create a subdomain for internal use, but have the
main zone signed with external records only? Is it possible to make
changes to names?
Can you make for example in.ubi.pt just internal only, not accessible
from outside?
If you want to have your external zone signed wit
Hi,
I can confirm that it’s ok to skip 9.16 and go straight to 9.18. There’s no
need for the intermediate step. As usual, it’s recommended to do a test
migration first if you want to be extra careful.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different
If it helps, my assessment was that one could skip 9.16 too.
I recognise that this is thanks to the hard effort that ISC work to
provide backward compatibility, and not by some accident.
On Solaris 11.4 current shipping versions of BIND are
$ pkg list -fa service/network/dns/bind
NAME (PUBLIS
9 matches
Mail list logo
