BIND and DNS...can I do this?

tnaves at linkwest.net tnaves at linkwest.net
Fri Mar 5 17:44:43 UTC 2004 



On Wed, 3 Mar 2004 phn at icke-reklam.ipsec.nu wrote:

> Jason <jwilliams at courtesymortgage.com> wrote:
> > There is no hiding in the fact that I am new to both BIND and DNS. That=
=20
> > much is true. But, im looking to build my knowledge of both as quickly=
=20
> > as I can.
>=20
> Good. I'd recomment a book "Managing DNS and BIND, 4-th ed" from o'reilly=
,
> it will significantly shorten your learning cycle.
>=20
> > I wanted to ask a few questions about DNS setup in general and if I can=
=20
> > a few things im considering. A little background at the moment.
>=20
> > Currently, we are using our ISP's DNS server for all our information:=
=20
> > pop, smtp, mail, www etc. My plans are to host our hown DNS server down=
=20
> > the road.
>=20
> > In the meantime, i've setup a few internal web servers on our company=
=20
> > intranet and what I want to do now, is setup a DNS server inside our=20
> > network and create zone records to point to these web servers for our u=
sers.
>=20
> > Let's say that my domain is: hotair.com  :)
>=20
> > Is it possible, to setup a BIND server on our private LAN, that can hav=
e=20
> > a zone for hotair.com and I can add hosts for the web servers that I=20
> > have recently put up? Like, web1.hotair.com or web5.hotair.com.
>=20
> Yes. In fact if you make your server a master for that zone it will
> never "go out" and retreive anything about that zone any more, it
> has all info about this zone.
>=20
> > I know it is possible, but my question is, if I do setup a zone for=20
> > hotair.com on my DNS server and being that my ISP is hosting a dns zone=
=20
> > for hotair.com (that contains smtp, pop, mail etc.) will that cause=20
> > complications?
>=20
> It will work if you add everything in that zone ( all 'A' records, 'MX'
> records etc that your current ISP has.In addition you can add more items
> which will only be found if one asks your server. That's called "split-dn=
s"

I used this method and found that it works quite well.  I read the chapter
on firewalls in DNS and BIND and found it way to complicated for my little
mind.  It never described the above method which is both simple, once
someone explains it to you, and works really well.

Regards,

Tom Naves


> The other idea I
> have is adding a private name, like=20
> > internal.hotair.com, but i'd prefer to keep names short, if possible.
>=20
> In the long run that's probably more efficient, at least with all
> resources not visible from outside.
>=20
> > I appreciate the help.
>=20
> There is a chapter of the mentioned book onlline, in fact just the
> one you need :
> http://www.oreilly.com/catalog/dns4/chapter/ch11.html
>=20
>=20
>=20
> > Cheers,
>=20
> > Jason
>=20
>=20
> --=20
> Peter H=E5kanson        =20
>         IPSec  Sverige      ( At Gothenburg Riverside )
>            Sorry about my e-mail address, but i'm trying to keep spam out=
,
> =09   remove "icke-reklam" if you feel for mailing me. Thanx.
>=20
>=20
>=20

More information about the bind-users mailing list