Chapter 10.  Advanced Features and Security

“What’s the use of their having names,” the Gnat said, “if they won’t answer to them?”

In this chapter, we’ll cover some of the Microsoft DNS Server’s more advanced features and suggest how they might come in handy in your DNS infrastructure. (We do save some of the hardcore firewall material for Chapter 14, and we cover advanced features specific to Windows 2000 in Chapter 11.)

DNS NOTIFY (Zone Change Notification)

Traditionally, slaves have used a polling scheme to determine when they need a zone transfer. The polling interval is called the refresh time. Other parameters in the zone’s SOA record govern other aspects of the polling mechanism.

Wouldn’t it be nice if the primary master name server could tell its slave servers when the information in a zone changed? After all, the primary master name server knows the data has changed: every time a zone is changed with the DNS console, the DNS console notifies the server, which immediately changes the zone in its memory. The primary’s notification can come soon after the actual modification instead of waiting for the refresh interval to expire.

RFC 1996 proposed a mechanism that allowed primary master servers to notify their slaves of changes to a zone’s data. The Microsoft DNS Server implements this scheme, called DNS NOTIFY for short.

DNS NOTIFY works like this: when a primary master name server notices a change to data in a zone, it sends a special notification message to all slave ...
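To make the exchange concrete, here is an added example (not code from the book or from the Microsoft DNS Server) that builds the NOTIFY datagram a primary sends, parses it, and applies the slave-side decision RFC 1996 calls for: act only on a NOTIFY from a configured master, and treat it purely as a cue to check the zone's SOA serial now rather than at the next refresh. The zone name, master addresses and message ID are constructed sample values.

```python
import struct

OPCODE_NOTIFY = 4              # RFC 1996 assigns opcode 4 to NOTIFY
QTYPE_SOA, QCLASS_IN = 6, 1    # the NOTIFY question names the zone with an SOA question
FLAG_AA = 1 << 10              # authoritative-answer bit, set by the primary master

def encode_name(name):
    """Wire-encode 'movie.edu.' as b'\\x05movie\\x03edu\\x00'."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_notify(zone, msg_id):
    """The request a primary master sends to each slave when a zone changes."""
    flags = (OPCODE_NOTIFY << 11) | FLAG_AA                    # QR=0, opcode=4, AA=1
    header = struct.pack("!HHHHHH", msg_id, flags, 1, 0, 0, 0)  # QDCOUNT=1, rest empty
    return header + encode_name(zone) + struct.pack("!HH", QTYPE_SOA, QCLASS_IN)

def parse_notify(msg):
    """Return {'id', 'zone', 'qtype'} for a NOTIFY request, or None if it is not one."""
    if len(msg) < 12:
        return None
    msg_id, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if (flags >> 11) & 0xF != OPCODE_NOTIFY or flags & 0x8000 or qdcount != 1:
        return None                                  # wrong opcode, a response, or no question
    labels, pos = [], 12
    while msg[pos] != 0:                             # walk the labels of QNAME
        n = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + n].decode("ascii"))
        pos += 1 + n
    qtype, qclass = struct.unpack("!HH", msg[pos + 1:pos + 5])
    if qclass != QCLASS_IN:
        return None
    return {"id": msg_id, "zone": ".".join(labels) + ".", "qtype": qtype}

def slave_action(msg, src_ip, slave_config):
    """Decide what a slave does with a datagram claiming to be a NOTIFY.

    slave_config maps zone name -> set of master addresses the slave is
    configured to transfer from (constructed sample config in the test).
    A NOTIFY carries no zone data: it only moves the SOA check forward, so
    the slave still queries the master's SOA and compares serials before
    deciding on a zone transfer.
    """
    n = parse_notify(msg)
    if n is None or n["qtype"] != QTYPE_SOA:
        return "ignore"                   # not a NOTIFY for SOA: treat as noise
    masters = slave_config.get(n["zone"])
    if masters is None:
        return "ignore"                   # we are not a slave for this zone
    if src_ip not in masters:
        return "ignore-unknown-source"    # log it; a stranger cannot trigger transfers
    return "query-soa"                    # schedule an immediate SOA check of the master
```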
