4

In an AD-integrated DNS system, there really isn't a concept of one "Master" DNS server; all AD-integrated zones are authoritative and updatable across all DNS servers, and send updates to each other on a regular basis.

Is there a similar methodology/option/capability in BIND? All I read about is setting up master/slave, but I don't want to do that.

030
Jeremy Holovacs

4 Answers

6

AD-Integrated zones are stored in the AD database (the actual AD partition they are stored in will vary depending on the scope of replication selected for the zone). As such, each participating DC is authoritative for its copy of the zone just as each DC is authoritative for its copy of the other AD partitions. DNS zone replication is a function of AD replication. From the perspective of the DC, the DNS zone is simply another AD partition to be replicated along with the other AD partitions.

joeqwerty
5

No. The standard DNS protocol has no mechanism for multi-master replication. AD DNS works by not doing DNS replication at all - what you mean, feature-wise, relies on AD providing the replication.

DNS basically assumes you have a master. Now, seriously, though - in typical environments this is TOTALLY enough - only when you have tons of updates (like a company network) are you running into possible issues.

uSlackr
TomTom
1

Your problem description makes it sound as though what you really want is a multi-master setup (though you don't say why -- it might be possible to more usefully advise you if you tell us why you don't want to use a master/slave setup.)

However, just to clarify the use of terminology in your title question, you asked:

"Can you have multiple authoritative BIND DNS servers for the same zone, like AD-integrated DNS?"

The literal answer to that question is "yes." Slave servers are also authoritative servers for the zones they slave. It doesn't matter that they are not the origin point for new configuration information being added to the zone; the data that is served by slaves is considered authoritative and the AA (Authoritative Answer) flag is set on responses that come from slave servers.

So if your question is actually about authoritative data and you are not accidentally misusing the term to represent another concept, then the answer to your question is actually "yes" and configuration is trivial. I suspect, however, that that's not what you are looking for.

Michael McNally
  • You are correct; I worded it poorly. I will fix that. – Jeremy Holovacs Dec 15 '12 at 21:16
  • The question still has some ambiguity, as there is nothing stopping you from having multiple, "writable", authoritative servers for a zone. Unfortunately, however, they will not share updates with one another, except for master to slave, so that's almost certainly not what you mean (or want.) Currently BIND does not support multi-master. It's a feature being considered for inclusion in future versions but we haven't added it yet. – Michael McNally Dec 15 '12 at 21:27
  • I think it's pretty clear now, the "like AD-integrated" pretty much sets the context of the question, and the details spell out the context further. – Jeremy Holovacs Dec 16 '12 at 15:34
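An added example, not part of the original answers or comments: a check of the two properties discussed above, that every server for the zone sets the AA flag on its SOA answer and that secondaries have caught up with the primary's serial. The server labels, the zone `example.test`, the serials and the response bytes are constructed for illustration.

```python
import struct

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:    # compression pointer: two bytes, ends the name
            return off + 2
        if length == 0:              # root label ends the name
            return off + 1
        off += 1 + length

def parse_soa_response(msg):
    """Extract the AA flag, RCODE and SOA serial from a DNS response."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off, serial = 12, None
    for _ in range(qd):
        off = skip_name(msg, off) + 4                 # skip QTYPE and QCLASS
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 6:                                # SOA: MNAME, RNAME, SERIAL
            p = skip_name(msg, skip_name(msg, off))
            serial = struct.unpack("!I", msg[p:p + 4])[0]
        off += rdlen
    return {"aa": bool(flags & 0x0400), "rcode": flags & 0x000F, "serial": serial}

def check_zone(responses):
    """List servers that answer without AA or with a serial behind the newest.
    Plain max() is used; serial wrap-around (RFC 1982) is not handled."""
    parsed = {srv: parse_soa_response(m) for srv, m in responses.items()}
    newest = max((p["serial"] or 0 for p in parsed.values() if p["aa"]), default=0)
    problems = []
    for srv, p in parsed.items():
        if not p["aa"]:
            problems.append((srv, "not authoritative"))
        elif p["serial"] != newest:
            problems.append((srv, "stale serial %s" % p["serial"]))
    return problems

def build_sample(aa, serial):
    """Constructed SOA response for example.test (not captured traffic)."""
    header = struct.pack("!6H", 0x1234, 0x8000 | (0x0400 if aa else 0), 1, 1, 0, 0)
    question = b"\x07example\x04test\x00" + struct.pack("!HH", 6, 1)
    rdata = (b"\x03ns1\xc0\x0c" + b"\x0ahostmaster\xc0\x0c"
             + struct.pack("!5I", serial, 3600, 600, 86400, 300))
    return header + question + b"\xc0\x0c" + struct.pack("!HHIH", 6, 1, 300, len(rdata)) + rdata

SAMPLES = {"ns1": build_sample(True, 2012121502), "ns2": build_sample(True, 2012121501),
           "cache": build_sample(False, 2012121502)}
```

In practice the response bytes would come from an SOA query sent to each name server listed for the zone; a secondary that stays behind points at failed notifies or blocked zone transfers.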
1

How about hosting /etc/bind/ on a GFS2/DRBD distributed filesystem, with the SOA reflecting all the NS in the zone? Each BIND would be master on their own replicated local zones.

user174309