Multisite deployment issue
Nuno Simoes
nunosimoesemail at gmail.com
Mon Aug 2 21:25:12 UTC 2021
Hi,
Yes, so long as you are authoritative for the zone you can forward
subdomains of that zone to any other DNS server you want.
On Mon, Aug 2, 2021, 3:07 PM Daniel Armando Rodriguez via bind-users <
bind-users at lists.isc.org> wrote:
> Was wondering If would be possible to setup a forwarding scheme just for
> some subdomains, I emphasize the fact that master is publicly accesible
> and current need is to locally resolv a bunch of subdomains of the same
> zone. I think image attached in previuos message is pretty explanatory,
> but currently my setup doen not work as (I) expected.
>
> > I attach a picture to best describe where I'm standed at.
> >
> > https://i.postimg.cc/x8PKnz53/ejemplo-com.png
> >
> > Currently disabled the SH setup to let just an authoritative DNS for
> > local resolution. Following the example, any request made from PC1 to
> > sys4/sys5/sys6 have no issues. However, if such host makes a request
> > to sys1/sys2/sys2 just get a time out response.
> > Any other query to outside, let's say google.com or whatever, works
> > just fine.
>
> El lun, 26 jul 2021 a las 13:29, Sten Carlsen (<stenc at s-carlsen.dk>>)
> escribió:
> >>
> >> Hi
> >>
> >> I am running just that setup.
> >>
> >> This may not scale well enough for your needs.
> >>
> >> I have one server with two views, one internal and one external.
> >>
> >> The external view is the hidden master for a number of public servers.
> >> All going through the relevant delegations. This is only
> >> authoritative.
> >>
> >> The internal view is selected by the client address and master files
> >> for the same domain but with my internal addresses. This is recursing
> >> and will answer from the master files for those domains and will
> >> recurse for any other query.
> >>
> >> This has served me well and e.g. I get the internal address for the
> >> mail server if I query from an internal address and I get the public
> >> address if I query from an external address.
> >>
> >> This setup means that mail clients will make a lookup of the same name
> >> always and if at home get the internal address and if outside get the
> >> public address.
> >>
> >> There is often a recommendation to use different domains, e.g.
> >> xxx.example.com for public addresses and xxx.internal.example.com for
> >> the same servers internal addresses. This is not very useful since
> >> e.g. a mail client would have to know about two different server names
> >> - with split horizon I can use the same name always.
> >>
> >> --
> >> Best regards
> >> Sten Carlsen
> >>
> >> A pessimist is a person that can find a problem for every solution.
> >>
> >>
> >> On 26 Jul 2021, at 15.55, Daniel A. Rodriguez
> >> <daniel.armando.rodriguez at gmail.com>> wrote:
> >>
> >> Hi there,
> >>
> >> Currently have a public DNS up & runnin' but, due to brand new
> >> location, there's a need to add local resolution.
> >>
> >> With that in mind, first idea was to deploy a split horizon setup.
> >> Sadly just local resolution works so far. Double check config but
> >> currently I'm stuck with this situation.
> >>
> >> Was wondering if having the same zone both public and private, but
> >> with different records, could be an issue. Master for the zone is
> >> public, of course, and the private one -as mentioned- has a different
> >> set of records just for lan hosts. Idea was to go out just when a
> >> query for a public subdomain is requested, but that desn't seem to
> >> work.
> >>
> >> Both forwarders option and recursion are enabled.
> >>
> >> Any hint will be much appreciated.
>
>
>
>
>
> _______________________________________________
> Daniel A. Rodriguez
> Informática, Conectividad y Sistemas
> Universidad Nacional del Alto Uruguay
> San Vicente - Misiones - Argentina
> www.unau.edu.ar
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210802/d15790e1/attachment.htm>
More information about the bind-users
mailing list