Quote:
Originally Posted by sandman!
My DNS works fine; ns3 is not active, it's a new name server I plan on deploying.
NS3 first seen 2019-07-20
You have both the primary and secondary DNS in the same subnet at the same location, and nobody running a business should run a risk like that, when it's so easy to mitigate.
Secondary servers must be placed at both topologically and
geographically dispersed locations on the Internet, to minimise the
likelihood of a single failure disabling all of them.
That is, secondary servers should be at geographically distant
locations, so it is unlikely that events like power loss, etc, will
disrupt all of them simultaneously. They should also be connected to
the net via quite diverse paths. This means that the failure of any
one link, or of routing within some segment of the network (such as a
service provider) will not make all of the servers unreachable.
[RFC 2182]
The faulty serial number means you are at risk in case of a zone transfer.
This is exactly why I recommend people never spend time running their own public DNS.
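
Added example, not part of the original post: a small Python check that groups a zone's nameserver addresses by covering network and flags the same-subnet condition the RFC 2182 passage warns about. The nameserver names, the addresses (documentation ranges) and the /24 and /48 "same subnet" sizes are assumptions made for illustration; sharing a prefix shows topological closeness only, so separate prefixes do not by themselves prove geographic dispersal.

```python
import ipaddress
from collections import defaultdict

# Assumption: a /24 (IPv4) or /48 (IPv6) is treated as "one subnet".
V4_PREFIX, V6_PREFIX = 24, 48

def covering_network(addr, v4_prefix=V4_PREFIX, v6_prefix=V6_PREFIX):
    """Return the network of the assumed size that contains addr."""
    ip = ipaddress.ip_address(addr)
    prefix = v4_prefix if ip.version == 4 else v6_prefix
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def diversity_report(ns_addrs):
    """ns_addrs maps nameserver name -> list of address strings.

    Returns (groups, findings): groups maps each covering network to the
    set of nameservers inside it; findings lists the problems detected.
    """
    groups = defaultdict(set)
    findings = []
    for name, addrs in ns_addrs.items():
        if not addrs:
            findings.append(f"{name}: no address records")
        for addr in addrs:
            groups[covering_network(addr)].add(name)
    for version in (4, 6):
        nets = {n: s for n, s in groups.items() if n.version == version}
        servers = set().union(*nets.values()) if nets else set()
        for net, names in sorted(nets.items(), key=lambda kv: str(kv[0])):
            if len(servers) > 1 and names == servers:
                # Every server reachable over this family sits in one subnet.
                findings.append(f"IPv{version}: all nameservers in {net}")
            elif len(names) > 1:
                findings.append(
                    f"IPv{version}: {', '.join(sorted(names))} share {net}")
    return dict(groups), findings

# Constructed sample data (RFC 5737 documentation addresses).
SAMPLE_SAME_SUBNET = {
    "ns1.example.com": ["192.0.2.10"],
    "ns2.example.com": ["192.0.2.11"],
    "ns3.example.com": [],  # delegated but not yet deployed
}
SAMPLE_DISPERSED = {
    "ns1.example.com": ["192.0.2.10"],
    "ns2.example.com": ["198.51.100.7"],
}

if __name__ == "__main__":
    for finding in diversity_report(SAMPLE_SAME_SUBNET)[1]:
        print(finding)
```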