What is the proper way to delegate to a private / hidden sub-domain?

[Sten Carlsen]

-- 
Best regards 
Sten Carlsen 


For every problem, there is a solution that
is simple, elegant, and wrong.
HL Mencken


> On 6 May 2020, at 22.10, Grant Taylor via bind-users <bind-users at lists.isc.org> wrote:
> 
> On 5/6/20 1:44 PM, Bob Harold wrote:
>> Good questions.
> 
> :-)
> 
>> I think one possibility (to avoid anycast) is to have an internal and
>> external view for the "example.net" zone, so it can delegate the lab
>> zones to different servers internally and externally.
> 
> But how do you do that if the internal and external views are on different servers with completely different IPs?

I believe the answer must lie in the lookup of a named DNS server, which will be resolved to different IPs depending on your location. Then it can point to different servers.

> 
> I ask because now you're back to the same issue, just at the parent domain:  How does the net zone delegate to different example zones depending on if the client is internal or external.
> 
> I don't see any options that avoid anycast.
> 
>> But that can make the "example.net" zone harder to manage. It would
>> be easier to have a split view for "split.example.net" and lab zones "lab#.split.example.net", if the extra level was acceptable.
> Please elaborate on what you mean by "split view" hear.  I'm used to "split view DNS" being tantamount to what I would use views for.  Which, as previously stated, won't work in this case because the different views are hosted on different servers.
> 
> 
> 
> -- 
> Grant. . . .
> unix || die
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200506/5be6d13e/attachment-0001.htm>