How should I configure internal and external DNS servers
Nick Howitt
nick at howitts.co.uk
Fri Nov 3 19:15:45 UTC 2023
On 03/11/2023 18:06, Marco M. wrote:
> Am 03.11.2023 um 17:58:51 Uhr schrieb Nick Howitt via bind-users:
>
>> On 03/11/2023 17:54, Marco M. wrote:
>>> Am 03.11.2023 um 17:48:32 Uhr schrieb Nick Howitt via bind-users:
>>>
>>>> My problem is the use of external IP's duplicated between the
>>>> internal and external masters for some IPs/FQDNs which I want to
>>>> get rid of.
>>> Implement IPv6 and get rid of the old IPv4 technology for internal
>>> communication.
>>>
>>> It is a big task, but after it is being done, many nasty stuff is
>>> gone like NAT hairpinning or split-DNS.
>> Not remotely on the cards with 200+ servers and so on, I'm afraid.
> You have to start at some time, rest is a matter of time.
>
>> Some of the servers are too old, I think for IPv6 - SLES 11.
> Already out of support. Such machines must not be connected to the
> internet anymore because they are a security risk. Replace them with a
> current operating system.
You are preaching to the converted, but we have a huge mix of SLES 11,
Ubuntu 16, 18, 20 and 22 machines + Windows Server 2016. Getting them
all current is a long term project and it has to go through all sorts of
customer authorisations. I am after a quick win with the Bind configs
More information about the bind-users
mailing list