Simple Delegation Question

Kevin Darcy kcd at daimlerchrysler.com
Tue Aug 1 23:50:39 UTC 2000


Any connection between forward and reverse DNS entries is completely up to the
discretion of the DNS administrators involved, so, yes, it is quite feasible
for names in different domains to all point to addresses in a given subnet. We,
for instance, have dozens of domains which all point to our public web
presence, consisting of a handful of subnets, and even internally, we have
chrysler.com, daimlerchrysler.com, daimler-benz.com, cfc.com, etc. -- not to
mention names in all different subdomains of those domains or (sub)domain
levels -- all happily sharing subnets with each other.

Now, having said that, you *do* have to make a decision as to which DNS server
is going to be master for each C-class address range's in-addr.arpa zone that
you delegate, since you can't productively have 2 or more masters for a given
zone. This fact could result in political/administrative problems if the
Win2K support staff, for example, want to manage *their* addresses and the
support staff for the existing machines want to manage *their* addresses, on
different DNS servers, all in the same /24 aka a C-class address space. In this
case, you have to pick one DNS server to be the master and then use a
technique, described in RFC 2317, whereby you create aliases in the
regular in-addr.arpa zone, pointing to PTR records in a zone controlled by the
other organization.

By the way, Win2K DDNS or no Win2K DDNS, you should *really* upgrade your
BIND version. 4.x is already very dead. Once BIND 9 is released, it'll seem
positively paleolithic...


- Kevin

Craig Mason wrote:

> I have a BIND 4.x managed domain, example.com. I'm setting up
> corp.example.com as a delegated subdomain to Windows 2000 Active Directory.
> example.com will not be accepting DDNS updates, so don't sweat the version.
>
> I want to know - can systems from example.com live on subnets that also have
> hosts from corp.example.com? Or is it impossible to have hosts from two
> separate domains on the same subnet? (I'm thinking of PTR records problems
> at this point, and who is authoritative for what?!?!)
>
> This is to support a co-existence of a new Windows 2000 Active Directory
> systems (corp.example.com) and production existing Unix and NT systems
> (example.com).
>
> Any quips appreciated. Thanks!
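
The RFC 2317 alias technique mentioned in the reply, as an added example that is not part of the original thread: one server stays master for the /24's in-addr.arpa zone and holds CNAMEs for the other team's addresses, pointing at PTR records in a zone that team controls. The subnet 192.0.2.0/24, the child zone label "corp", and the host and name server names are assumptions made for illustration.

```python
import ipaddress

def split_reverse_zone(subnet, local_ptrs, other_ptrs, child_label, child_ns):
    """Build RFC 2317-style data for one IPv4 /24 shared by two teams.

    local_ptrs / other_ptrs map address -> FQDN (with trailing dot).
    Returns (parent_zone, parent_records, child_zone, child_records); each
    records dict maps an owner name to one (rrtype, rdata) tuple.
    """
    net = ipaddress.ip_network(subnet)
    if net.version != 4 or net.prefixlen != 24:
        raise ValueError("example handles a single IPv4 /24 only")
    both = set(local_ptrs) & set(other_ptrs)
    if both:
        raise ValueError(f"address claimed by both teams: {sorted(both)}")
    # 192.0.2.0 -> "0.2.0.192.in-addr.arpa"; drop the host label for the zone.
    parent_zone = net.network_address.reverse_pointer.split(".", 1)[1] + "."
    child_zone = f"{child_label}.{parent_zone}"
    parent = {child_zone: ("NS", child_ns)}   # delegation to the other server
    child = {}
    for table, delegated in ((local_ptrs, False), (other_ptrs, True)):
        for text, fqdn in table.items():
            addr = ipaddress.ip_address(text)
            if addr not in net or not fqdn.endswith("."):
                raise ValueError(f"bad entry: {text} -> {fqdn}")
            owner = addr.reverse_pointer + "."
            if delegated:
                target = f"{owner.split('.', 1)[0]}.{child_zone}"
                parent[owner] = ("CNAME", target)   # alias in the master zone
                child[target] = ("PTR", fqdn)       # real data, other team's zone
            else:
                parent[owner] = ("PTR", fqdn)       # managed directly by the master
    return parent_zone, parent, child_zone, child

def reverse_lookup(address, parent, child):
    """Resolve a PTR the way a resolver would, following one CNAME hop."""
    owner = ipaddress.ip_address(address).reverse_pointer + "."
    rrtype, rdata = parent.get(owner, (None, None))
    if rrtype == "CNAME":
        rrtype, rdata = child.get(rdata, (None, None))
    return rdata if rrtype == "PTR" else None

# Constructed sample data: 192.0.2.0/24 is a documentation range; the host
# and name server names are hypothetical.
LOCAL = {"192.0.2.10": "www.example.com."}
OTHER = {"192.0.2.17": "dc1.corp.example.com."}
ZONES = split_reverse_zone("192.0.2.0/24", LOCAL, OTHER, "corp",
                           "ns.corp.example.com.")
```

Rejecting an address claimed by both teams matters here because a CNAME cannot share an owner name with a PTR in the master zone.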





