Split pocket DNS question

[Mark Andrews]

> I was hoping it was something simple like that but could not seem to find a r
> eference to it anywhere online.

	Well you have failed the read the FAQ which shipped with
	BIND 9 or the online copy of it.

> When that happens I assume that either I am 
> the only one doing this or I've done something wrong.  It would be good if so
> me of the howto's on the bind website (or elsewhere) specifically addressed t
> his.  It seems obvious but ...

	http://www.isc.org/sw/bind/FAQ.php
 
> Thanks for the help.
> N
> ---- Barry Margolin <barmar at alum.mit.edu> wrote: 
> > In article <g3opqn$2hba$1 at sf1.isc.org>, <natrbrazell at cox.net> wrote:
> > 
> > > I have  a potentially stupid question but here goes anyway.  I configured
>  my 
> > > DNS servers in a splitpocket configuration in my DMZ.  I have 2 zones 
> > > internal and external but I only have 1 interface on the DNS servers.  My
>  
> > > firewall has a global set of external IP's that will get forwarded to the
>  DNS 
> > > servers.  My question is with respect to zone transfers.  With one interf
> ace 
> > > on the box when I restart my DNS services the private IP space gets sent 
> to 
> > > my slave DNS server as my public addresses so dnsstuff will say my DNS 
> > > servers are being advertised as 172.16.x.x addresses which obviously caus
> es 
> > > problems.  Now the stupid question...
> > > 
> > > Am I supposed to have 2 interfaces in my Split DNS machines ?
> > 
> > You don't need 2 interfaces, but you do need 2 IPs on the one interface.  
> > The slaves should use the "transfer-source" option in each view to 
> > ensure that they transfer the appropriate version of each zone.
> > 
> > -- 
> > Barry Margolin, barmar at alum.mit.edu
> > Arlington, MA
> > *** PLEASE don't copy me on replies, I'll read them in the group ***
> > 
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org