Questions about DNAME records

Chris Buxton cbuxton at menandmice.com
Thu Jun 18 14:44:38 UTC 2009 

On Jun 17, 2009, at 3:51 AM, Braebaum, Neil wrote:
> What I was hoping to do was create, or perhaps more correctly, cater  
> for
> a specific and small number of records for example.com. (by  
> DNAME'ing to
> example2.com.) internally, by creating a very simple zone with the  
> DNAME
> to example2.com. - merely to provide answers for these resource  
> records,
> that I don't want - nor are relevant - to the external use of
> example.com.
>
> example.com. is known on the internet, provided by a managed service  
> DNS
> provided, and hosts some ecom related DNS records. I'm kind of being
> forced down the track of providing some resolution for some specific
> records (the resource records I've given examples for) internally
> (because of the domain name used for some email addresses), but I  
> don't
> want to provide a fully authoritative zone for example.com.  
> internally,
> because I don't want to have to maintain duplicate records in an
> internal example.com. authoritative zone, and for the external
> example.com. zone, and because I don't want to have to maintain or
> expose these resource records in my external example.com. zone.


Setting aside the DNAME record, what you're trying to accomplish is  
something frequently requested - a private overlay on an otherwise  
public zone that doesn't obscure the public zone. But it doesn't work  
the way you want - a server that is authoritative for a zone is fully  
authoritative for that zone - positively and negatively.

The only way to accomplish what you want would be to create one or  
more private zones for subdomains of example.com, to cover the names  
that need to resolve privately without obscuring the public data for  
example.com. For example, you could create _tcp.example.com - I'd be  
willing to bet that this subdomain does not exist in the public  
namespace. You could then DNAME this to _tcp.example2.com, or you  
could explicitly create the CNAME records you want to have.

Chris Buxton
Professional Services
Men & Mice

More information about the bind-users mailing list