delegation question: public/private problem
lauren
misslw at yahoo.com
Fri Jan 11 01:00:14 UTC 2002
Different views would be the nifty way to do it, but with BIND 8
perhaps you could just set up:
zone "corp.foo.com" {
type forward;
forwarders {
10.0.0.3;
10.0.0.3;
}:
allow-query { 10.0.0/24; };
};
Not as nice as views, but available w/ 8.2... l
mexilent at hushmail.com (robert lojek) wrote in message news:<a1jbi0$bou at pub3.rc.vix.com>...
> I've searched the archives, and am still banging my head.
>
> Need to delegate a subdomain "corp.xxxxx.com" in xxxxx.com, but corp
> is private, xxxxx.com is, obviously, public. The DNS server for corp
> is private, too.
>
> I don't want to put a private IP in my delegation line, like:
>
> corp IN NS 172.xxx.xxx.xxx
>
>
> What's the "best practice" to get around this? We have some (private)
> machines pointed at our public DNS boxes that need to know about
> private names.
>
> Should we:
> 1. set up BIND 9 (we're on 8.2x now) and use alternate "views" for
> internal/external?
> 2. have different zone files for the same zone, depending on whether
> the server is public/private?
> 3. not even mention "corp" in public DNS, and point everything & its
> mom that's private at the private DNS box?
>
> or try something else?
>
> Thanks for your input--I'm sure everyone's dealt with this kind of
> thing at some point...
>
> --Rob Lojek
More information about the bind-users
mailing list