1 |
On Wed, Dec 16, 2015 at 4:01 AM, Adam Carter <adamcarter3@×××××.com> wrote: |
2 |
>> |
3 |
>> There are several problems with your idea. First, the configured |
4 |
>> |
5 |
>> namservers in resolv.conf are caching servers, not authoritative |
6 |
>> servers. You never configure an auth server to act as a cache. Yes, it |
7 |
>> can be done. No, it's an awful idea and things break horribly. |
8 |
> |
9 |
> What breaks if you have caching and auth on the same server? I have been |
10 |
> running my tiny home network this way for years. The local domain is |
11 |
> properly delegated, but if you just wont a local domain that's not |
12 |
> necessary. |
13 |
|
14 |
The ISC recommends separating authoritative and caching bind servers. |
15 |
|
16 |
The main reason that I can think of is that someone can poison the |
17 |
cache of the domains for which a server's authoritative. |