24 Kvě
2023
24 Kvě
'23
10:33
On 23 May 2023 at 21:47, Randy Bush wrote:
The win here is big if your database is still small, you get better zone file
synchronisation
between FRED and the secondaries that propagate the zones. You avoid the rsync related
security issues. Your zones will propagate in good time in relation to the TTLs of the
zones
instead of adding additional time and complication from rsynch
As the database grows then you can go for multiple machines. At .mw we now have a very
large database since FRED also accummulates logs in the database and we occassionally
have to trim the database to optimise use of memory, disc space and avoid timeouts that
registrars face when such resources get exhausted on the single machine.
Does that help ?
Regards,
Paulos
=====================================
Dr Paulos B Nyirenda
NIC.MW & .mw ccTLD: http://www.nic.mw
SDNP: http://www.sdnp.org.mw
Tel: +265-(0)-882 089 166
Cell: +265-(0)-888-824787
WhatsApp: +265-(0)-887386433
abdoul,
We at .mw have tried rsync in the past 2 years to backup DNS zone files and other such
files
to a remote site but our experience shows that this does not work as good as XFR.
In addition we noticed that rsync introduces some unecessary security issues as you have
to
pass authentication details around be it passwords or digital certificates.
We still use rsync only for backing up the BIND server config file since this changes much
less often and it then is just a matter of restarting the BIND server after such a
transfer.
@Randy we had already thought about the rsync
command, then insert
it into a script and create a line in the crontab to automate it.
and you did not like because? i would not cron it, but find a way for
it to happen after fred publishes. @Randy how
about installing KNOT DNS & FRED on the same server for
this start?
not sure i see the win, but go for it.
randy
--
This email has been checked for viruses by AVG antivirus software.
www.avg.com