Questions about DNAME records
Chris Buxton
cbuxton at menandmice.com
Thu Jun 18 21:12:07 UTC 2009
On Jun 18, 2009, at 9:08 AM, Joseph S D Yao wrote:
> On Thu, Jun 18, 2009 at 07:44:38AM -0700, Chris Buxton wrote:
> ...
>> Setting aside the DNAME record, what you're trying to accomplish is
>> something frequently requested - a private overlay on an otherwise
>> public zone that doesn't obscure the public zone. But it doesn't work
>> the way you want - a server that is authoritative for a zone is fully
>> authoritative for that zone - positively and negatively.
>>
>> The only way to accomplish what you want would be to create one or
>> more private zones for subdomains of example.com, to cover the names
>> that need to resolve privately without obscuring the public data for
>> example.com. For example, you could create _tcp.example.com - I'd be
>> willing to bet that this subdomain does not exist in the public
>> namespace. You could then DNAME this to _tcp.example2.com, or you
>> could explicitly create the CNAME records you want to have.
> ...
>
>
> I don't remember all of the original question, but ... ISTM this is
> not
> the only way. One may also have public and private views of the same
> zone, including only the public info in the public view, but including
> public and private info in the private view. I would agree if you
> were
> to argue that separate subdomains are a cleaner way to do this,
> though.
Yes, that will absolutely work. But the OP requested a method that did
not involve managing the public data in two places.
Chris Buxton
Professional Services
Men & Mice
More information about the bind-users
mailing list