Sharing authority without creating a subdomain

Steven Stromer filter at stevenstromer.com
Thu Apr 17 22:16:44 UTC 2008 

Thanks, Chris. It happens that I am doing this for a client who is  
slowing transitioning services in-house from a hosting provider.  
Thus, we are VERY limited in what we can do to manipulate the  
authoritative zone; an include is not really an option, though a very  
logical idea. Thanks for confirming that there is no 'prettier' way  
to go forward!

Steven


On Apr 17, 2008, at 3:57 PM, Chris Buxton wrote:

> That depends on what trust relationship exists between administrators
> and servers. For example, you could put an $INCLUDE statement into
> your domain.com zone, pointing to a file managed by the other
> administrator. You can use file permissions to control access.
>
> If the other administrator does not have direct access to your server,
> perhaps the file to be included could be copied across by rsync or
> scp, evaluated by a script on your end (looking for records not meant
> to be managed by this administrator), and then copied into place over
> the previous version.
>
> If the $INCLUDE idea doesn't work for you, I think you're going to be
> limited to multiple delegations of individual names over to the other
> servers. (By the way: In your example data, you used underscores in
> the name server names. That is not going to work in the real world,
> where name server names have to abide by the rules for hostnames,
> meaning you can use letters, numbers, and hyphens.)
>
> Chris Buxton
> Professional Services
> Men & Mice
>
> On Apr 17, 2008, at 12:21 PM, Steven Stromer wrote:
>> Hi,
>>
>> I am seeking to delegate authority for a few specific hosts, without
>> placing those hosts under a subdomain. For instance:
>>
>> Zone1:
>> domain.com, with records for...
>> www.domain.com
>> mail.domain.com
>>
>> Zone 2:
>> ftp.domain.com
>> testing.domain.com
>>
>>
>> It would seem that I could create separate zones for each of the  
>> hosts
>> listed under Zone 2, and then make each of these zones into children
>> in
>> Zone1, delegating and providing glue, as such:
>>
>> ftp 86400 IN NS zone2_ns1.domain.com.
>>
>>    86400 IN NS zone2_ns2.domain.com.
>>
>> testing 86400 IN NS zone2_ns1.domain.com.
>>
>>    86400 IN NS zone2_ns2.domain.com.
>>
>> zone2_ns1.domain.com. 86400 IN A 192.253.254.2
>>
>> zone2_ns2.domain.com. 86400 IN A 192.253.254.3
>>
>>
>> However, it seems to be a large amount of work, and just generally  
>> bad
>> form to create a zone for individual hosts. Is there a better way to
>> do
>> this?
>>
>> Thanks!
>>
>> Steven Stromer
>>
>>
>
>
>

More information about the bind-users mailing list