Split pocket DNS question
Barry Margolin
barmar at alum.mit.edu
Mon Jun 23 21:15:25 UTC 2008
In article <g3opqn$2hba$1 at sf1.isc.org>, <natrbrazell at cox.net> wrote:
> I have a potentially stupid question but here goes anyway. I configured my
> DNS servers in a splitpocket configuration in my DMZ. I have 2 zones
> internal and external but I only have 1 interface on the DNS servers. My
> firewall has a global set of external IP's that will get forwarded to the DNS
> servers. My question is with respect to zone transfers. With one interface
> on the box when I restart my DNS services the private IP space gets sent to
> my slave DNS server as my public addresses so dnsstuff will say my DNS
> servers are being advertised as 172.16.x.x addresses which obviously causes
> problems. Now the stupid question...
>
> Am I supposed to have 2 interfaces in my Split DNS machines ?
You don't need 2 interfaces, but you do need 2 IPs on the one interface.
The slaves should use the "transfer-source" option in each view to
ensure that they transfer the appropriate version of each zone.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list