Draft: This information is provided as guidance only, you are expected to adapt it to your own needs.
As the BlueCat security model works at a zone level (unlike IPreg which worked
on domain name pattern matching) we have had to map domain names to zones. This
means that secondarying will need to change, anyone who simply secondaries
cam.ac.uk and private.cam.ac.uk will find that they have almost empty
zones. We recommend either using the main resolvers, only secondarying zones of
interest or, if full secondarying needs to continue, use catalogue zones so
that you will not have to make changes every
time a new zone is added or removed.
Example BIND named.conf.options fragment:
options {
// ... your other pre-existing options ...
// Begin BlueCat catalogue zone import
catalog-zones {
zone "catz.arpa.cam.ac.uk"
// Playground
// default-primaries { 131.111.12.22; }
// Live xfer0
// default-primaries { 131.111.12.37; }
in-memory yes; // If you have the RAM there's no point in using disk
};
// End BlueCat catalogue zone import
};
Example BIND named.conf.local fragment:
// ... your other pre-existing zones ...
// Begin BlueCat catalogue zone secondarying
zone "catz.arpa.cam.ac.uk" {
type slave;
file "db.catz";
masters {
// Playground
// 131.111.12.22
// Live xfer0
// 131.111.12.37
};
};
// End BlueCat catalogue zone secondarying