Looking for way to mark a zone no-xfer for a sub-domain .
Georgi Sinapov
georgi.sinapov at gramma.net
Thu Aug 31 08:38:55 UTC 2000
You could make a subdomain delegation in you Internet DNS zone file for
baby-dragons.com. like:
$ORIGIN baby-dragons.com.
private IN NS dns.private.baby-dragons.com
$ORIGIN private.baby-dragons.com.
dns.private.baby-dragons.com IN A private.ip.address
Your internal DNS will be primary for domain private.baby-dragons.com.
and you can create zone files for that domain.
Best regards,
Georgi Sinapov
-----Original Message-----
From: Jim Reid [mailto:jim at rfc1035.com]
Sent: 31 ?????? 2000 10:42
To: Mr. James W. Laferriere
Cc: bind-users at isc.org
Subject: Re: Looking for way to mark a zone no-xfer for a sub-domain .=20
>>>>> "James" =3D=3D James W Laferriere <babydr at baby-dragons.com> =
writes:
James> Hello All , I have been searching for an answer to
James> this . I need to make a sub-domain private from the rest
James> of the world but not from the real primary names server .
Implement split DNS. Have two sets of name servers for two copies of
the baby-dragon.com domain. One set is purely for internal use and the
other is for the outside world. Don't mix these zones or name servers.
The internal version of baby-dragon.com contains the delegation to
this "private" subdomain. The external one doesn't. Provided the
internal
users can only find and use your internal name servers and the
external users only get to the external servers, everything will be
fine. Though the DNS administration will be more awkward because there
are more servers and zone files to maintain. Make sure you document
the configuration thoroughly.
James> My primary reason for this is to keep rfc1918
James> addresses from creeping out to the secondaries & thus other
James> systems .
Split DNS is the answer.
More information about the bind-users
mailing list