secondary vs. delegation
Brian Noecker
bnoecker at webb.net
Tue Jul 3 21:52:21 UTC 2001
>>
>>I've gotten myself confused a bit on justifying delegation. We do DNS
>>service for a company foo.com that wants to run their own DNS servers for
>>internal corp.foo.com. We are looking at delgating the corp.foo.com to
>>their name server so they can administer the zone file how they want.
Their
>>internal corp.foo.com servers are all internal IP address 192.168.x.x
>>servers.
>>
>>My question is, why justification is there to delegate rather than to just
>>be a secondary for a subdomain?
>The two issues are independent. In order for them to administer the
>subdomain themselves, you *have* to delegate it;
This applies, even if the corp.foo.com network is in total an internal
domain? Any external access to the internal servers can be CNAME'd to a
record in the parent foo.com domain. Lookups to the corp.foo.com domain
would only come from members of that domain, and possibly those of us who
administer their network. In that case, as secondaries, using search lists,
we are able to find their resources. This setup is meant to hide this
internal corp.foo.com network from the outside world, while keeping any
public servers in accissible via the foo.com domain.
>...otherwise, you'll just
>look in the foo.com zone for everything. If you want, you can also be
>secondary for the subdomain, but this doesn't remove the need to delegate
>it.
Would delegating solve the issue of having to use search lists for these
subdomains?
Thanks!!!
--
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the
group.
More information about the bind-users
mailing list