Multisite deployment issue

Daniel Armando Rodriguez drodriguez at unau.edu.ar
Mon Aug 2 20:06:31 UTC 2021


Was wondering if it would be possible to set up a forwarding scheme just for 
some subdomains. I emphasize the fact that master is publicly accessible 
and current need is to locally resolve a bunch of subdomains of the same 
zone. I think image attached in previous message is pretty explanatory, 
but currently my setup does not work as (I) expected.

> I attach a picture to best describe where I'm standing.
> 
> https://i.postimg.cc/x8PKnz53/ejemplo-com.png
> 
> Currently disabled the SH setup to let just an authoritative DNS for
> local resolution. Following the example, any request made from PC1 to
> sys4/sys5/sys6 has no issues. However, if such host makes a request
> to sys1/sys2/sys2 it just gets a timeout response.
> Any other query to outside, let's say google.com or whatever, works 
> just fine.

On Mon, 26 Jul 2021 at 13:29, Sten Carlsen (<stenc at s-carlsen.dk>) 
wrote:
>> 
>> Hi
>> 
>> I am running just that setup.
>> 
>> This may not scale well enough for your needs.
>> 
>> I have one server with two views, one internal and one external.
>> 
>> The external view is the hidden master for a number of public servers. 
>> All going through the relevant delegations. This is only 
>> authoritative.
>> 
>> The internal view is selected by the client address and master files 
>> for the same domain but with my internal addresses. This is recursing 
>> and will answer from the master files for those domains and will 
>> recurse for any other query.
>> 
>> This has served me well and e.g. I get the internal address for the 
>> mail server if I query from an internal address and I get the public 
>> address if I query from an external address.
>> 
>> This setup means that mail clients will make a lookup of the same name 
>> always and if at home get the internal address and if outside get the 
>> public address.
>> 
>> There is often a recommendation to use different domains, e.g. 
>> xxx.example.com for public addresses and xxx.internal.example.com for 
>> the same servers internal addresses. This is not very useful since 
>> e.g. a mail client would have to know about two different server names 
>> - with split horizon I can use the same name always.
>> 
>> --
>> Best regards
>> Sten Carlsen
>> 
>> A pessimist is a person that can find a problem for every solution.
>> 
>> 
>> On 26 Jul 2021, at 15.55, Daniel A. Rodriguez 
>> <daniel.armando.rodriguez at gmail.com> wrote:
>> 
>> Hi there,
>> 
>> Currently have a public DNS up & runnin' but, due to brand new
>> location, there's a need to add local resolution.
>> 
>> With that in mind, first idea was to deploy a split horizon setup.
>> Sadly just local resolution works so far. Double check config but
>> currently I'm stuck with this situation.
>> 
>> Was wondering if having the same zone both public and private, but
>> with different records, could be an issue. Master for the zone is
>> public, of course, and the private one -as mentioned- has a different
>> set of records just for lan hosts. Idea was to go out just when a
>> query for a public subdomain is requested, but that doesn't seem to
>> work.
>> 
>> Both forwarders option and recursion are enabled.
>> 
>> Any hint will be much appreciated.





_______________________________________________
Daniel A. Rodriguez
Informática, Conectividad y Sistemas
Universidad Nacional del Alto Uruguay
San Vicente - Misiones - Argentina
www.unau.edu.ar
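
Added example, not part of the thread and not either poster's configuration: a named.conf sketch of the two-view split-horizon layout Sten Carlsen describes (internal view selected by client address and recursing, external view authoritative only). The zone name, ACL names, addresses and file paths are assumptions made for illustration.

```conf
// Constructed example: names, addresses and file paths are assumptions.
acl internal-nets      { 127.0.0.0/8; 192.168.10.0/24; };  // LAN clients
acl public-secondaries { 192.0.2.53; 198.51.100.53; };     // public servers

options {
    directory "/var/cache/bind";
    recursion no;                  // off by default, enabled per view below
};

// Views are tried in order; the first match-clients hit wins, so the
// narrow internal view must come before the catch-all external one.
view "internal" {
    match-clients { internal-nets; };
    recursion yes;                 // recurse for any other query
    allow-recursion { internal-nets; };

    zone "example.com" {
        type master;
        // This view is authoritative for the whole zone: a name missing
        // from this file is answered from here (NXDOMAIN), never recursed
        // or forwarded. Publicly hosted names that internal clients use
        // need records in this file as well.
        file "/etc/bind/internal/db.example.com";
    };
};

view "external" {
    match-clients { any; };
    recursion no;                  // authoritative only, no open resolver

    zone "example.com" {
        type master;               // hidden master for the public servers
        file "/etc/bind/external/db.example.com";
        allow-transfer { public-secondaries; };
        also-notify { 192.0.2.53; 198.51.100.53; };
    };
};
```

Once any view is defined, every zone statement has to live inside a view; `named-checkconf -z` validates the file and loads both copies of the zone before a reload.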


More information about the bind-users mailing list