*Funky* DNS questions

[Kevin Darcy]

Barry Margolin wrote:

> In article <3908821b.66370956 at news.uswest.net>,
> Jon <jonm.sportsmvp at com.spam.sux.my.butt.com> wrote:
> >I have a couple of questions about DNS, specifically BIND for Linux.
> >
> >Is it possible to set up a SINGLE DNS server such that you get
> >different lookup results depending on your source IP address? In other
> >words, when machine A does a nslookup on funky.domain.com it gets an
> >internal IP address, and when machine B does a nslookup on the SAME
> >name, funky.domain.com it get's a different IP for a different server?
>
> BIND doesn't currently have this capability, but something called "views"
> is supposed to be coming in BIND 9, and I believe it will support this.
>
> You can get close, though.  There's a "sortlist" option that allows you to
> specify the order in which records will be returned.  Since many
> applications only use the first address in the response, sorting the
> responses may achieve your goal.

A big caveat applies to sortlists, of course: intermediate caching servers which
don't happen to be configured with the same sortlists may defeat the sorting by
giving out the addresses in round-robin or some other order. And if your internal
addresses are "private" RFC 1918 addresses, you absolutely should not be giving
out those addresses on the Internet in any form, otherwise they may get into the
caches of multihomed nameservers and can cause nasty problems if the same
addresses happen to be in use on their intranets.

- Kevin