On Thu, Apr 7, 2016 at 11:00 AM, Sketch <smblist at rednsx.org> wrote:> My guess would be not much, because BIND9_DLZ exists and (mostly) gives you > the best of both worlds. If you want to use bind with MS DNS servers, then > you have to go that route, but it's not necessary with Samba 4 and > BIND9_DLZ.That's clear but I was thinking more of the analogous configuration where I continue to use NSD instead of BIND9_DLZ (or Samba).
On Wed, 13 Apr 2016, Sonic wrote:> On Thu, Apr 7, 2016 at 11:00 AM, Sketch <smblist at rednsx.org> wrote: >> My guess would be not much, because BIND9_DLZ exists and (mostly) gives you >> the best of both worlds. If you want to use bind with MS DNS servers, then >> you have to go that route, but it's not necessary with Samba 4 and >> BIND9_DLZ. > > That's clear but I was thinking more of the analogous configuration > where I continue to use NSD instead of BIND9_DLZ (or Samba).My understanding of Unbound is that designed as a caching nameserver, not an authoratative nameserver. It's supposed to serve DNS to clients from another server, such as BIND or Samba's internal DNS server. Pointing it to your domain's authoratative Samba/BIND9_DLZ DNS servers seems like the proper way to set it up to me.
On Wed, Apr 13, 2016 at 10:29 AM, Sketch <smblist at rednsx.org> wrote:> My understanding of Unbound is that designed as a caching nameserver, not an > authoratative nameserver. It's supposed to serve DNS to clients from > another server, such as BIND or Samba's internal DNS server. Pointing it to > your domain's authoratative Samba/BIND9_DLZ DNS servers seems like the > proper way to set it up to me.Have been using Unbound in this way for well over a year with an MS AD. The point was the possibility, at another location, to continue to use NSD, an authoritative server, which currently contains all the needed DNS records except the new ones necessary to host an AD, in the same manner BIND was used in some of given links to replace the MS DNS in the MS AD environment.