You all rule! (about 28 so far) General consensus is MSDNS is broken (sucks, crappy, bad idea) UNIX bind 9.x is capable of all the "extensions" that M$ has implemented, but UNIX isn't broken. So I *can* use DHCP with bind 9.x and have the clients dynamically update the DNS records, but I should/will not implement that headache. According to your many great suggestions, doing so will most likely allow the windows clients to break the DNS server and open up security holes. Many people mentioned that they are doing this right now and it works fine. Following is a "sum up" of the replies I got; Solaris/UNIX has less dependencies than M$ DNS All windows clients require is dynamic updates, which BIND 9 supports. (Not recommended) What the hell are you thinking (running critical apps on windows) M$ is Non-Standard Stability Some Solaris programs that rely on DNS do not work properly with MSDNS MSDNS is not able to use wildcards like BIND can Security Letting windows clients register their connection is insecure and unnecessary UNIX bind is less susceptible to DNS spoofing attacks because of BIND allowing signed zone transfers and using non-predictable DNS query ID's If your company uses AD with DNS and/or exchange, your screwed (I'm screwed) You should set up sub-domains and point child DNS servers for each sub-domain to a master MSDNS server Reliability Look at MS knowledge base for DNS and count the number of resolutions that involve restarting the DNS service. Even an AD course instructor recommends staying away from MSDNS because it is too flaky And I quote, "Average uptime here for Windows servers: 14 days. Average uptime here for UNIX: 340 days." Try "Network Registra" from Cisco There were too many people to mention but every response was/is greatly appreciated and very helpful. If I can elaborate further for anyone what I learned, please let me know. Thanks, Dave Baldwin RHCE, UNIX System Administrator NOC Engineer Network Insight, LLC www.networkinsight.com Main: 858-450-1180 Direct: 858-362-8294 Mobile: 619-726-5485 P.S. About the politics, everyone basically recommended to just do my job and not bother. Thanks again _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Thu Nov 1 14:54:22 2001
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:27 EST