To ensure a stable DNS server service, it is necessary to install several secondary servers that provide DNS services. To ensure compatibility with other solutions than those offered by Windows, it is necessary to activate the AXFR protocol, which is used to replicate selected DNS zones. By replicating these zones, it is possible to ensure the load balancing of the primary DNS servers.
Step 1 Set up Windows DNS service
To allow zone transfer, it is possible to select permission for all DNS servers so that they can download all records using the AXFR protocol. To increase security, it is advisable to list the IP addresses of the servers for which we have synchronization enabled.
Step 2 BIND9 server setup
Creating a configuration file:
nano /etc/bind/named.conf.mhasin.localzone "mhasin.local" IN {
type slave;
file "mhasin.local.zone";
masters { 10.1.1.6; };
allow-transfer { 10.1.1.0/24; };
allow-notify { 10.1.1.6; };
};To ensure the import of the created configuration:
nano /etc/bind/named.confAt the end of the file you need to add:
include "/etc/bind/named.conf.mhasin.local";
Odborník na kybernetickú bezpečnosť, správu Azure Cloud a VMware onprem. Využíva technológie, ako Checkmk a MRTG, na monitorovanie siete a zvyšovanie efektívnosti a bezpečnosti IT infraštruktúry.
