BIND 8 with forwarding and sub-domains under a split-dns

[Christian Schneider]

Hi DNS-experts,

I'm currently in the need for planning some kind of split-DNS structure with
the following (note: everything described here exists only in theory, its
not a working implementation; but I would like it to become one....):

    * internal private name-server at our HQ holding the head-domain

    * shadowed public name-server (same domain) on the public Internet with
only a few public RRs

    * internal (non-advertised) sub-domains which are delegated to other
internal name servers at our local branches

    + these "deeper" name servers holding the sub-domains use the
forwarder-statement (with the slave-option) to get the connection to the
private internal head-DNS-server for being able to also resolve queries for
this head-domain and other sub-domains of it as well

    + the private head-DNS-server has a forwarder (with the slave-statement)
pointing to the public shadowed-DNS-server, which then uses its hints-file
(chache.db) for resolving the whole Internet-namespace



Ok, but now my scope of DNS ends, because I believe that the sub-domains
will not work with the forwarders. Will the delegation of sub-domains work
properly on the head-DNS-server, though it has a forwarder pointing to the
public shadowed DNS ?? I think not. And that's the point...

But since this implementation should be done under BIND 8, I cannot use the
no-forward patch for BIND 4... and also I think that the possibility of
'per-zone forwarding' new in BIND 8 won't solve the problem either...

So now I have no further ideas and my scope of DNS has reached its true
end... Therefore my only hope is to ask the usenet-community on this
topic... ;-)

What do you think about it?

Best regards and thanks in advance,
Chris

mail at christian-schneider.de