Split DNS - Internal W2K and External BIND

Barry Margolin barmar at genuity.net
Thu Mar 7 22:06:08 UTC 2002


In article <a68m4o$ca at pub3.rc.vix.com>,
Jan Alfastsen <jan at funfactory.dk> wrote:
>Hi there.
>
>I have 2 external BIND 8.x.x servers acting as primary and secondary placed
>on my DMZ, i.e. behind the firewall.
>These servers hold about 60 domain names.
>
>Now I have 2 Windows 2000 AD domains on my LAN behind the firewall. Say:
>abc.dk and def.dk
>These domain names are also used externally.
>
>Now I'm tired of maintaining zones both internally and externally.
>
>I want to make a zone transfer from the BIND 8.x.x servers on the DMZ to
>my Windows 2000 AD DNS servers on my LAN.
>
>This works fine, but I'm not able to add extra hostnames to the zones
>located on my W2K servers.
>
>Any ideas how to make a workaround?
>
>Actually we use about 30 of the external domain names internally for
>development.
>
>Say:
>www.abc.dk (external)
>mail.abc.dk (external)
>beta.abc.dk (internal)
>test.abc.dk (internal)
>
>How do I solve this?

If you don't want to duplicate these on both servers, the only solution is
to make each of them a separate zone.  Then you can configure the internal
server as a slave for those subzones.  For instance, on the BIND server you
can put:

zone "www.abc.dk" {
  type master;
  file "db.www.abc.dk";
};

and db.www.abc.dk would contain:

@ IN SOA ns1.abc.dk. hostmaster.abc.dk. (
         ... )
  IN NS ns1.abc.dk.
  IN NS ns2.abc.dk.
  IN A 1.2.3.4

Repeat this for each of the entries that you need to have on both servers.
Anything that's unique to just the internal or external server can be kept
in the abc.dk zone.

Don't forget that you'll also have to make the external secondary server
know about these subzones:

zone "www.abc.dk" {
  type slave;
  file "db.www.abc.dk";
  masters { <address of primary>; };
};

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
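The following is an added example, not part of the post above and not BIND's or the poster's own code. It automates the "repeat this for each of the entries" step of the reply: for every hostname that must resolve the same inside and outside, it emits the primary's named.conf stanza, the secondary's stanza (the same stanza serves the external secondary and the internal W2K server), and a complete zone file with a full SOA. Two points a practitioner would want alongside the reply: the primary's stanza carries an allow-transfer list so the DMZ server only hands the zone to its own secondaries rather than to anyone who asks (the default without it), and BIND answers from the most specific zone it has loaded, so a "www IN A" line left behind in db.abc.dk is silently shadowed once www.abc.dk is its own zone; shadowed_records() scans the parent zone file for such leftovers. The firewall still has to allow TCP/53 from the internal server to the DMZ primary for the transfer itself. All names, addresses (documentation ranges), the serial and the SOA timers are assumptions.

```python
"""Generate per-hostname subzone configuration for a split-DNS setup.

Added example (not from the bind-users post). Names, addresses and
SOA timers below are illustrative assumptions.
"""

# Constructed sample input: hostnames that must be identical inside and outside.
SHARED_HOSTS = {
    "www.abc.dk": "192.0.2.10",    # assumed documentation-range addresses
    "mail.abc.dk": "192.0.2.25",
}

# Assumed name servers, contact and SOA timers (refresh, retry, expire, minimum).
NAMESERVERS = ("ns1.abc.dk.", "ns2.abc.dk.")
HOSTMASTER = "hostmaster.abc.dk."
SOA_TIMERS = (3600, 900, 1209600, 3600)


def zone_file(name, address, serial, nameservers=NAMESERVERS,
              hostmaster=HOSTMASTER, timers=SOA_TIMERS):
    """Return the contents of db.<name>: SOA, the NS set and the single A record."""
    if not name.endswith("."):
        name += "."  # fully qualify so $ORIGIN and @ are unambiguous
    refresh, retry, expire, minimum = timers
    ns_lines = "\n".join(f"@\tIN NS\t{ns}" for ns in nameservers)
    return (
        f"$TTL {minimum}\n"
        f"$ORIGIN {name}\n"
        f"@\tIN SOA\t{nameservers[0]} {hostmaster} (\n"
        f"\t\t{serial} ; serial\n"
        f"\t\t{refresh} ; refresh\n"
        f"\t\t{retry} ; retry\n"
        f"\t\t{expire} ; expire\n"
        f"\t\t{minimum} ) ; minimum\n"
        f"{ns_lines}\n"
        f"@\tIN A\t{address}\n"
    )


def master_stanza(name, slaves):
    """named.conf zone block for the DMZ primary.

    allow-transfer restricts AXFR to the listed secondaries (external secondary
    plus the internal AD DNS server) instead of answering any client's AXFR.
    """
    slave_list = " ".join(f"{s};" for s in slaves)
    return (
        f'zone "{name}" {{\n'
        f"  type master;\n"
        f'  file "db.{name}";\n'
        f"  allow-transfer {{ {slave_list} }};\n"
        f"}};\n"
    )


def slave_stanza(name, master):
    """named.conf zone block for a secondary (external or the internal server)."""
    return (
        f'zone "{name}" {{\n'
        f"  type slave;\n"
        f'  file "db.{name}";\n'
        f"  masters {{ {master}; }};\n"
        f"}};\n"
    )


def build_subzones(hosts, master_addr, slave_addrs, serial):
    """Return {name: (master_conf, slave_conf, zone_text)} for each shared host."""
    return {
        name: (master_stanza(name, slave_addrs),
               slave_stanza(name, master_addr),
               zone_file(name, addr, serial))
        for name, addr in hosts.items()
    }


def shadowed_records(parent_zone_text, parent_name, subzones):
    """Owner names in the parent zone file that a carved-out subzone now shadows.

    BIND serves a query from the most specific zone it has loaded, so records
    for www.abc.dk left in db.abc.dk are ignored once www.abc.dk is its own zone.
    Handles '@', relative and absolute owners, and blank-owner continuation lines.
    """
    parent = parent_name.rstrip(".") + "."
    subs = {s.rstrip(".") + "." for s in subzones}
    found, last_owner = [], parent
    for raw in parent_zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if not line.strip() or line.lstrip().startswith("$"):
            continue                                   # blank or $TTL/$ORIGIN
        if line[0].isspace():
            owner = last_owner                         # blank owner inherits
        else:
            tok = line.split()[0]
            owner = parent if tok == "@" else (tok if tok.endswith(".") else f"{tok}.{parent}")
            last_owner = owner
        if owner in subs and owner not in found:
            found.append(owner)
    return found


if __name__ == "__main__":
    # Assumed addresses: primary 192.0.2.2, external secondary 192.0.2.3, internal W2K 10.0.0.5.
    configs = build_subzones(SHARED_HOSTS, "192.0.2.2", ["192.0.2.3", "10.0.0.5"], 2002030701)
    for name, (master, slave, zone) in configs.items():
        print(f"# primary named.conf entry for {name}\n{master}")
        print(f"# secondary named.conf entry for {name}\n{slave}")
        print(f"# db.{name}\n{zone}")
```

Run it once per domain, drop the emitted stanzas into named.conf on the primary and on each secondary, and run shadowed_records() over the parent zone file before reloading so no stale host records linger in abc.dk.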

