Bind 9.1 As SOA with Windows 2003 DNS Server
Kevin Darcy
kcd at daimlerchrysler.com
Wed Oct 11 00:38:11 UTC 2006
Skywalker wrote:
> I think I found the answer. Our basic problem is that we are using the
> same domain name (mycompany.com) for internal and external use. I read
> an article about split-brain DNS from Microsoft. We would have an
> external DNS server that is authoritative for the zone and an internal
> DNS server that is authoritative for the same zone name. This
> method would not expose our internal computers to the outside. The
> internal DNS server could perform forward lookups to the external DNS
> server. The internal computer could therefore perform dynamic DNS
> updates to the internal DNS server. Does this make sense?
No, not really. Your problem, as you previously reported it, was that
Dynamic Updates weren't being made to your Microsoft DNS server unless
that server was defined as the "SOA" for the zone (still not 100% sure
what you mean by that term). So what bearing does it have on your
problem whether a particular hosted instance of a zone is designated as
"internal" or "external"? In my last response, I implicitly invited you
to either a) change the MNAME field of the zone's SOA RR to refer to
your Microsoft DNS server (assuming that you were equating "SOA" with
the MNAME field thereof), or at least b) double-check that there is an
NS record at the apex of the zone referring to your Microsoft server. If
neither of those things is true, then the client has no way of knowing
that the Microsoft server is an available target for its Dynamic
Updates, so you shouldn't be surprised that the Dynamic Updates are
never processed.
- Kevin
P.S. This is a BIND-oriented list, so we're getting a little off-topic
when talking about how Microsoft-OS Dynamic Update clients talk to a
Microsoft DNS server. You might be better off taking this to a
Microsoft-specific list.
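
The two checks named in the reply above (SOA MNAME and apex NS records), as an added example that is not part of the original message. The zone data is constructed, and the server names (ns1, ns2, win2003dns) are hypothetical; only the zone name mycompany.com comes from the thread.

```python
# Constructed zone records in presentation format (hypothetical server names).
APEX_RECORDS = """\
mycompany.com. 3600 IN SOA ns1.mycompany.com. hostmaster.mycompany.com. 2006101001 3600 600 604800 3600
mycompany.com. 3600 IN NS ns1.mycompany.com.
mycompany.com. 3600 IN NS ns2.mycompany.com.
www.mycompany.com. 3600 IN A 192.0.2.10
sub.mycompany.com. 3600 IN NS ns.sub.mycompany.com.
"""


def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def update_targets(records, zone):
    """Return (mname, apex_ns) taken only from records owned by the zone apex."""
    mname, apex_ns = None, set()
    for line in records.splitlines():
        fields = line.split()
        # Expect: owner TTL class type rdata...; skip anything not at the apex,
        # so delegation NS records for child zones are not counted.
        if len(fields) < 5 or norm(fields[0]) != norm(zone):
            continue
        if fields[2].upper() != "IN":
            continue
        rtype = fields[3].upper()
        if rtype == "SOA":
            mname = norm(fields[4])      # first SOA rdata field is MNAME
        elif rtype == "NS":
            apex_ns.add(norm(fields[4]))
    return mname, apex_ns


def check_server(records, zone, server):
    """Report whether `server` is advertised as MNAME or as an apex NS."""
    mname, apex_ns = update_targets(records, zone)
    return {"is_mname": mname == norm(server),
            "in_apex_ns": norm(server) in apex_ns}


if __name__ == "__main__":
    for srv in ("ns1.mycompany.com", "win2003dns.mycompany.com"):
        print(srv, check_server(APEX_RECORDS, "mycompany.com", srv))
```

A server for which both values are false is not advertised anywhere in the zone apex, which is the situation the reply describes.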