[Freeipa-devel] DNS use cases
Adam Young
ayoung at redhat.com
Wed Oct 13 15:42:55 UTC 2010
On 10/13/2010 10:38 AM, Simo Sorce wrote:
> On Tue, 12 Oct 2010 17:44:24 -0400
> Adam Young<ayoung at redhat.com> wrote:
>
>
>> Really, there are two use cases for creating a zone:
>>
>> 1. I want the IPA server to manage the zone. it will be the MNAME
>> field for the DNS record.
>>
>> 2. I want IPA to act as the caching server for the zone, which is
>> managed by a remote server.
>>
>> The two use cases are mutually exclusive. It seems that really, only
>> the first makes sense. The second case is really a degenerate case
>> of "act as a caching DNS server for remote server X" where all
>> unresolved queries get forwarded to server X, and the results cached
>> for future use.
>>
> Minor nitpick on zones and caching.
>
> Being a secondary is technically not just caching. When you are a
> secondary, you do zone transfers, and then are able to reply to any
> request even those not seen before about a specific record in the zone.
> Zones never expire, they just keep being used until the master updates
> the zone serial record, at which point the zone is refreshed.
>
> It also involves having the right to issue a zone transfer request.
> Something normally not permitted to random clients.
>
> Caching instead is done as part of the normal function of DNS servers
> and is applied to all records regardless of where they come from.
>
Good point. I don't think it changes the heart of my argument, but
since this mail is likely to morph into a document used to either
explain the design or help the end user, it helps to have it as correct
as possible.
So, a better version would be:
2. I want IPA to act as a secondary server for the zone, which is
managed by a remote server.
...
In The second case, the main decisions are made by the primary, and the second server derives the information it needs to make a decision from the primary.
> Simo.
>
>
More information about the Freeipa-devel
mailing list