architecture question

Lawrence K. Chen, P.Eng. lkchen at ksu.edu
Wed May 8 19:53:18 UTC 2013


Years ago we decided to create a private TLD of .campus.

What we did was make all our caching nameservers also be authoritative for this private TLD. And, this works....except for delegated subdomains, which are handled through using forwarding zones. 

Later, when they needed to be able to get real certificates for the systems, we went to split DNS -- for a number of subdomains, with .campus becoming campus.ksu.edu -- which has caused all sorts of problems...

When we went split, all the names in .campus were copied over (minus their subdomain). And it was decided that there would be no more new hosts in .campus (except for the subdomains delegated to ADS - ads.campus & users.campus - and the subdomain for network devices - net.campus).

It used to be that iso systems were in the as.ksu.edu subdomain, so later they got hosts in the as.campus subdomain....but shortly after the creation of .campus, we went to functional hostnaming.... Servers used to have theme names, like hawkeye, radar, klinger....or eagle, hawk, falcon.... This switched to iso-xxx type names.

So iso-xxx.as.campus became iso-xxx.campus.ksu.edu 

We tried to make .campus go away, (which would've helped the search problem, since as.campus, cc.campus, foo.campus would compress into just campus.ksu.edu), but there are systems that would require the application to be reinstalled from scratch to make the change. 

Just like there's no more cns department, but our netbackup server was installed with a cns subdomain name. And, just about every resolv.conf has 6 entries in its search. Something about Oracle stuff needs search to have all the subdomains in it..... So, along will come a request to add another entry to search (the big reason is the upgrades from Oracle 10 to 11 and needing those CRS IPs....which can't be in the same .campus domain as the rest of the system.... so need to add new subdomain to the list).

Somebody will see cns.ksu.edu and say that hasn't been around for years....remove that. And, then suddenly Oracle RMAN backups start failing.... 

----- Original Message -----

> I am building a lab environment where there are several separate
> domains, all of them ending in .local

> I've set up a server for the .local TLD, but I'm undecided (or perhaps
> ignorant) as to the best way to have the individual domains
> (domain1.local, domain2.local, etc) refer to the local zone on my
> TLD server. Currently I've also created a root server and set the
> root hints on domain1.local's dns server to refer to it. This works
> for local resolution, but this means that domain1.local can't
> perform Internet lookups.

> Thanks for any help,
> Jeremy
-- 

Who: Lawrence K. Chen, P.Eng. - W0LKC - Senior Unix Systems Administrator 
For: Enterprise Server Technologies (EST) -- & SafeZone Ally 
Snail: Computing and Telecommunications Services (CTS) 
Kansas State University, 109 East Stadium, Manhattan, KS 66506-3102 
Phone: (785) 532-4916 - Fax: (785) 532-3515 - Email: lkchen at ksu.edu 
Web: http://www-personal.ksu.edu/~lkchen - Where: 11 Hale Library 
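
The layout described in this message (caching nameservers that are also authoritative for the private .campus TLD, with forward zones for the delegated subdomains), sketched as a BIND named.conf fragment. This is an added example, not the poster's actual configuration; the zone file name, the dc1 host name and the 192.0.2.x addresses are assumptions.

```conf
// Constructed sketch: file name and addresses (192.0.2.0/24) are placeholders.
options {
    recursion yes;                              // still a caching resolver for Internet names
    allow-recursion { localhost; localnets; };  // no recursion for outside clients
};

// Each caching server answers the private TLD from its own copy of the zone.
zone "campus" {
    type master;          // on the other caching servers: type slave; masters { ... };
    file "db.campus";
};

// Delegated subdomains are reached through forward zones.
zone "ads.campus" {
    type forward;
    forward only;         // use the listed servers only, no fallback to iterative resolution
    forwarders { 192.0.2.10; 192.0.2.11; };
};

zone "users.campus" {
    type forward;
    forward only;
    forwarders { 192.0.2.10; 192.0.2.11; };
};

// db.campus must also delegate each forwarded subdomain, for example:
//   ads      IN NS  dc1.ads.campus.
//   dc1.ads  IN A   192.0.2.10
// Without the NS records, named answers from the authoritative "campus"
// zone (NXDOMAIN) and the forward zone is never consulted.
```

Run named-checkconf against the file before reloading; it catches syntax errors in the zone statements but not a missing delegation in db.campus.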