| 1 |
On Wed, Dec 16, 2015 at 4:01 AM, Adam Carter <adamcarter3@×××××.com> wrote: |
| 2 |
>> |
| 3 |
>> There are several problems with your idea. First, the configured |
| 4 |
>> |
| 5 |
>> namservers in resolv.conf are caching servers, not authoritative |
| 6 |
>> servers. You never configure an auth server to act as a cache. Yes, it |
| 7 |
>> can be done. No, it's an awful idea and things break horribly. |
| 8 |
> |
| 9 |
> What breaks if you have caching and auth on the same server? I have been |
| 10 |
> running my tiny home network this way for years. The local domain is |
| 11 |
> properly delegated, but if you just wont a local domain that's not |
| 12 |
> necessary. |
| 13 |
|
| 14 |
The ISC recommends separating authoritative and caching bind servers. |
| 15 |
|
| 16 |
The main reason that I can think of is that someone can poison the |
| 17 |
cache of the domains for which a server's authoritative. |
Archives