delegation of subdomains

[Marc Haber]

On Thu, Oct 04, 2007 at 06:49:14AM -0700, Markus Boehmer wrote:
> I have a question concerning delegation and want to know, if and how
> this can work.
> 
> 1. Domain is "def.gh" - DNS-server is somewhere outside the company
> lan with internet access and is reachable from the internet
> 
> 2. Domain to delegate is abc.def.gh - DNS-server is inside the company
> lan, has internet access, but is not reachable from the internet.
> 
> Is this possible?
> If I got this all correct, then the 1. Server don't has to have access
> to the 2. Server, only the clients, which want to get some information
> from the 2. Server.

This is possible if abc.def.gh does only need to be visible from the
internal network - it's a common setup for internal networks.

You need to make sure that the resolvers that the clients in the
internal network use know about abc.def.gh and where to obtain
information for that domain. If they're bind, a forward zone on the
resolvers will help here.

A different possibility would be to have a different view on the
external DNS server, including the delegation for abc.def.gh for
queries originating with the internal network.

Having the delegation visible worldwide would be a lame delegation for
clients not on the local network, which I consider a config error.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190