2 dns records for same server

John Wingenbach bind at wingenbach.org
Sun Aug 19 14:23:46 UTC 2012


The OP stated he has 3 separate DNS servers.  Two serving public and
one serving private.  Under those circumstances, there is no specific
need or requirement for views.  Views are only needed if the same DNS
server is answering to clients that you want to give out different
answers.  If as the OP stated, and is assumed, the clients are separated
by different DNS servers, then simply mastering the domain on the
internal vs public servers is sufficient.

-- John

On Sat, 18 Aug 2012 18:43:41 +0000
"Michael Hoskins (michoski)" <michoski at cisco.com> wrote:

> -----Original Message-----
> 
> From: Dwayne Hottinger <dhottinger at harrisonburg.k12.va.us>
> Date: Saturday, August 18, 2012 5:49 AM
> To: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
> Subject: 2 dns records for same server
> 
> >I need to have 2 separate dns records for the same servername.
> >Essentially when inside my network (10.)  I need it to resolve to a
> >10. ip address.  When outside it needs to resolve to my public ip.
> >Everything I've done so far with my dns records has returned
> >2 ip's.  In other words when doing a host servername or nslookup
> >servername I get both the external and internal ip's of the server.
> >This seems to be causing issues with the applications on the server.
> >Some computers inside my network are trying to connect
> >to the public ip (which is being natted from my firewall), those that
> >are connecting are extremely slow.  The slowness leads me to believe
> >that they are first trying the public ip before hitting the private.
> >
> >
> >My dns is set up with a dns server inside my network (serving the 10)
> >and 2 dns servers for my public ip's.  My lan is set up so that each
> >of my sites (schools) are in a different dns zone.  What I want to
> >happen is the url or name of the server to be the
> >same regardless of where the user is either inside or outside my
> >network.
> >
> >
> >So far I have tried setting up a separate zone file for my internal
> >dns and adding the entry to my external like I normally do.  This is
> >what resolves with 2 ip's.  Is there any way to get my dns servers
> >to do this?
> > 
> 
> As others have mentioned, you need views.  You're on the right track
> with two zone files, but need a bit more configuration.  Ultimately
> you'll want to read over the ARM for more detail on views and other
> available options before running a name server (especially one that's
> publicly exposed), but here are the key points:
> 
> options {
> 	directory "/etc/namedb";
> 	listen-on {
> 		a.b.c.d; # external IP
> 		e.f.g.h; # internal IP
> 	};
> 	empty-zones-enable yes;
> };
> 
> # acls, etc. now shown here
> include "common.conf";
> 
> view "external" in {
> 	match-destinations { a.b.c.d; };
> 	notify-source a.b.c.d;
> 	transfer-source a.b.c.d;
> 	query-source a.b.c.d;
> 	allow-transfer { transfer; };
> 	allow-query { trusted; };  # or any
> 	recursion yes;  # or no
> 	allow-recursion { trusted; };  # or none
> 	zone "." in { type hint; file "named.root"; };
> 	include "external_master.conf";
> 	include "external_slave.conf";
> };
> 
> view "internal" in {
> 	match-destinations { e.f.g.h; };
> 	transfer-source e.f.g.h;
> 	query-source e.f.g.h;
> 	allow-transfer { transfer; };
> 	allow-query { trusted; };
> 	recursion yes;
> 	allow-recursion { trusted; };
> 	zone "." in { type hint; file "named.root"; };
> 	include "internal_master.conf";
> 	include "internal_slave.conf";
> };
> 
> Then in your included *.conf files make sure your external and
> internal zones point to different zone files like
> /etc/namedb/internal/{master,slave}/* and
> /etc/namedb/external/{master,slave}/*.
> 
> 
> http://ftp.isc.org/isc/bind9/cur/9.9/doc/arm/Bv9ARM.ch06.html#view_statement_grammar
> 
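Whether the split is done with separate servers or with views, the zone data on each side has to stay disjoint: the symptom in the original question (both addresses returned for one name) comes from the two kinds of address ending up in the same data set. The following is an added example, not code from the thread or from BIND, that audits the A records each side would serve; the zone contents, names and addresses are constructed placeholders.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample data: what the internal server and the public servers
# would each hold for the same names. Names and addresses are placeholders;
# 192.0.2.0/24 (documentation range) stands in for the public IP.
INTERNAL_ZONE = """
app.example.org.  3600 IN A 10.1.2.3
app.example.org.  3600 IN A 192.0.2.10   ; public address also entered internally
www.example.org.  3600 IN A 10.1.2.4
"""
EXTERNAL_ZONE = """
app.example.org.  3600 IN A 192.0.2.10
www.example.org.  3600 IN A 192.0.2.11
www.example.org.  3600 IN A 10.1.2.4     ; private address entered externally
"""

def parse_a_records(zone_text):
    """Map owner name -> set of IPv4 addresses (expects one full record per line)."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) >= 4 and fields[-2].upper() == "A":
            records.setdefault(fields[0].lower(), set()).add(ipaddress.ip_address(fields[-1]))
    return records

def is_rfc1918(addr):
    return any(addr in net for net in RFC1918)

def audit(internal_text, external_text):
    """Return (side, name, addresses) for every name that answers from the wrong side."""
    findings = []
    for side, text, wrong in (("external", external_text, is_rfc1918),
                              ("internal", internal_text, lambda a: not is_rfc1918(a))):
        for name, addrs in sorted(parse_a_records(text).items()):
            bad = sorted(a for a in addrs if wrong(a))
            if bad:
                findings.append((side, name, [str(a) for a in bad]))
    return findings

if __name__ == "__main__":
    for side, name, addrs in audit(INTERNAL_ZONE, EXTERNAL_ZONE):
        print(f"{side}: {name} answers with {', '.join(addrs)}")
```

An external finding means a private address is being published to the Internet; an internal finding means inside clients can be handed the NATed public address, which matches the slow connections described in the question.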



