firewalled delegation problem
Barry Margolin
barmar at genuity.net
Wed May 1 22:05:17 UTC 2002
In article <aapfph$bvt7$1 at isrv4.isc.org>,
Vargas Miguel <mvargas at tnsi.com> wrote:
>
>I have a split DNS implementation because we have private internal 10.x.x.x
>addresses. We have delegated several sub-domains from our internal domain.
>So let's say I have three zones, acme.com, a.acme.com and b.acme.com. If a
>nameserver for a.acme.com gets a query for host.b.acme.com it doesn't work.
>I think the problem is that the name server for a.acme.com tries to go to
>the internet root servers to find acme.com but my internal acme.com is not
>reachable from the internet.
>
>Should I make all the name servers for the sub-domains slaves of the
>acme.com parent domain? What about NS entries for the parent domain in the
>sub domains, would that work?
Making them slaves of the internal acme.com should work; you could also
make them all slaves of each other, but if there are lots of subdomains
that gets unweildy.
I don't understand what you mean by "NS entries for the parent domain in
the sub-domains"; a zone file can only contain records in that zone (plus
delegation records for sub-zones and glue records if required).
--
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
More information about the bind-users
mailing list