Friday, July 26, 2019

Re: Syncing unbound.conf

No - you wouldn't do it with Unbound which is a *recursive* DNS server, you
would use an authoritative one like NSD, PowerDNS, Knot or BIND. All you
would do with Unbound is use stub-zone to point it at an authoritative server.

--
Sent from a phone, apologies for poor formatting.
On 26 July 2019 11:05:44 Flipchan <flipchan@riseup.net> wrote:
> Can you link to any guides or pratical howtos on how to pratically do that
> with unbound ?
>
> Thanks
>
>
> On July 25, 2019 9:32:29 PM GMT+03:00, Stuart Henderson
> <stu@spacehopper.org> wrote:
> On 2019-07-25, Flipchan <flipchan@riseup.net> wrote:
>
> Greetings everyone,
>
> Does anyone have a good solution for syncing unbound configuration files?
>
>
> i have the senario where i have two internal LAN's that in two different
> offices that need to have the same internal
> dns system for the local systems, and there is a lot of changes being done
> in the internal zone records so i need
> a good way to sync them(the ideal way where to have a similar solution like
> mysql's master-master replication).
>
> Both dns resolvers are running unbound on openbsd 6.5 and right now the
> configuration file is synced with ansible.
> Does anyone have a good solution on replicating dns records/configs for
> unbound. In the future it will be scaled
> even more so right now is a good time to implement some replication for the
> unbound configs.
>
> Does anyone have a solution for this?
>
> There is people changing the config files on both instances so the ideal
> way would be a replication real time sync function.
>
> Anyone got any ideas?
>
>
> Thanks in advance
> Ciao
> flipchan
>
>
> If multiple sites are updating records in the same internal zone at various
> times, they would probably be better off with a normal authoritative DNS server
> serving that zone (with e.g. stub-zone to point unbound at it), editing it in
> one place, and using normal DNS replication (zone-transfer and notify)
> to push the updates.
>
>
> --
> Sent from my Android device with K-9 Mail. Please excuse my brevity.

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)