Can I use a hidden primary?
> I am having a difference of opinion with one of our ISPs regarding a
> plan to move to a "hidden primary" configuration.
>
> With the proposed configuration, our two ISPs would each host a
> single "secondary" DNS server, getting zone updates from our "hidden"
> primary. Our domain registration and whois records would only list the
> ISP's name server. Similarly, the zone file(s) would only have NS
> records for the ISP's name servers. The true primary server would not
> be listed anywhere.
>
> One of the ISPs is saying that this will not work, because the NIC
> requires at least one "primary" DNS server to be listed in the whois
> records, and that they will check to make sure that the given IP address
> does indeed point to a primary server (i.e. one that gets its zone
> records from a local source).

They're just plain wrong. Yes, many registrars will prompt you to enter
a "primary" and a "secondary" name server for your zone, but they have
absolutely no way of checking whether a name server you list is actually
the zone's primary master. And it's quite common to use a hidden primary
setup.

> I do not believe this to be true, but cannot find evidence either way to
> validate one of the positions.
>
> As the recognized DNS guru, can you please answer this one.

Sure.
cricket
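
The setup described in the question, sketched as BIND 9 configuration. This is an added example, not part of the original exchange; the zone name, IP addresses (documentation ranges), key name and file paths are constructed, and the TSIG secret is a placeholder.

```conf
// ---- named.conf on the hidden primary (203.0.113.10, constructed) ----
key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";   // placeholder, shared with both ISPs
};

options {
    recursion no;                  // authoritative only, never a resolver
    allow-transfer { none; };      // deny transfers by default
};

zone "example.com" {
    type master;
    // The zone file lists NS records for the two ISP servers only;
    // this host appears in no NS record and in no registrar record.
    file "zones/example.com.db";

    // Only holders of the TSIG key may pull the zone.
    allow-transfer { key "xfer-key"; };

    // By default NOTIFY goes to the servers named in the NS records,
    // skipping the one named in the SOA MNAME field. Listing the
    // secondaries explicitly makes sure both are always notified.
    notify explicit;
    also-notify { 192.0.2.53; 198.51.100.53; };
};

// ---- named.conf on each ISP secondary (192.0.2.53 / 198.51.100.53) ----
key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";   // same placeholder secret
};

zone "example.com" {
    type slave;
    // Pull the zone from the hidden primary, signing requests with the key.
    masters { 203.0.113.10 key "xfer-key"; };
    file "slaves/example.com.db";
    allow-transfer { none; };      // secondaries do not re-serve transfers
};
```

Because the primary answers only the two secondaries, its firewall can limit port 53 to those addresses, which is the main security benefit of keeping it out of the NS set.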
