yes, presuming:
- the world knows about your secondary. That is, you have to go to the domain registrars, or your parent DNS zone, and make sure your secondary is listed as a name server on each domain. to wit: check the NS records on each domain to make sure secondary is listed, 'dig ns foo.domain @your.primary.server.ip'.
- your secondary believes it is authoritative for each zone. If it's not configured to believe it's auth, then it will eventually honor the time-to-live expiration your master has set in the zone. So, for example, it will work fine for like 12 hours, then suddenly the slave decides it doesn't trust the cached data and your secondary stops answering. to wit, check a 'dig soa foo.domain @your.secondary.server.ip' and make sure the "aa" flag (authoritative answer) is present in the response.
Caution: your primary is not "preferred" over the secondary in the DNS architecture. If you stand up a secondary, it must be able always answer as quickly as the primary. If you get a slow/sucky server into the NS records mix, you get weird issues when random-DNS-query-from-public goes to the secondary. The secondary is NOT just used if the primary fails. All listed DNS servers are used all the time.
-c
Last edited by cconstantine; 08-28-2007 at 11:55 AM.
|