OT: Separate sub zone or two copies of the same zone

Kevin Darcy kcd at daimlerchrysler.com
Thu Aug 17 21:14:56 UTC 2000 

Stanley Liu wrote:

> Just want some opinions from the group:  let say mydomain.com is a
> domain we owned.  Internet DNS (say ns1) has only minimal information on
> it - basically just MX records.  This domain is also used internally in
> our Intranet and we have our own separate Intranet DNS (say ns2).  Some
> of our Business Partners also have access to our Intranet and they are
> configured as slave to ns2 for our zone over private network.
> Everything works fine until we want to put some servers on the Internet
> under the domain name partner.mydomain.com.  All hosts on this sub
> domain will be accessible/resolvable to Internet and Intranet.  There
> are two options we are considering:
>
> 1.  Separate sub zone - Create a sub zone partner.mydomain.com and host
> it on ns1.  Let ns2 be slave to ns1 for this zone.  The upside is that
> we have one copy of zone partner.mydomain.com to maintain.  The down
> side is that all current business partners slave to ns2 for mydomain.com
> will need to add another slave zone of partner.mydomaina.com.
>
> 2.  Two copies of the same zone - Maintain two different copies
> (mydomain.com or partner.mydomain.com) on ns1 and ns2.  The upside is
> that there will be no roll-out issue.  The down side is obviously to
> have to maintain two copies of the same zone.
>
> Which option is better?  Is there a third option?  Any comments would
> beappreciated.

Bear in mind that with option #1, only the business partners who are unable
to resolve Internet names would need to add a new slave definition. If a
business partner can resolve Internet names, then it should be able to
resolve the partner.mydomain.com names without any special help.

Another variation on option #1 is to have the business partners convert
their slave definition to a per-domain forwarding definition, e.g. "type
forward" zone in BIND -- assuming their nameserver software supports such a
thing -- which would take care of mydomain.com _and_ partner.mydomain.com
and any other subdomains you may wish to add in the future. The downsides
would be a) that they wouldn't have the same redundancy that they would as
slaves, and b) depending on a variety of factors, forwarding could use more
resources than slaving (it could just as easily go the other way though!).


- Kevin

More information about the bind-users mailing list