Sub domain name server

Barry Margolin barmar at bbnplanet.com
Thu Feb 24 21:25:19 UTC 2000


In article <003501bf7ec8$fa845a00$0401a8c0 at internal.younghome.com>,
Darren A. Young <youngd at younghome.com> wrote:
>
>Question,
>
>Our ISP does DNS for our top level domain, digiship.com as well as the
>in-addr.arpa for the IP's they supply us. In between us and the Internet
>is a firewall that does NAT from our internal un-real IP's. This machine
>(Linux) has a caching only name server currently with all internal
>clients pointing to it.
>
>What I want to do is create a zone called internal.digiship.com and host
>that zone locally on a DNS server. All clients and internal servers would
>reside in that zone in addition to the 192.168 in-addr.arpa zone to match
>the same. Reason being, when we get our Cisco firewall in, I'd like to
>have it log connects and fails with the name of the internal machine, not
>the IP address. Also, I'd like to have DHCP update the
>internal.digiship.com zone with the PC's name.
>
>Do I simply just set up a BIND 8 machine internally and give it entries
>for internal.digiship.com? Should I use an option to forward the TLD up
>to my ISP's name server? Really, just a general question, but some
>advice would be most appreciated.

If your firewall allows DNS queries through, you could configure it with a
normal root hints file.  It will talk to the root servers and will be
referred to your ISP's nameserver for digiship.com, and to the appropriate
remote server for any other domains.

You could also configure your server as a slave server for digiship.com.
That way it won't have to go out to the Internet to look up addresses in
the parent domain.

-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
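
The setup discussed in this thread, sketched as a BIND 8 `named.conf` (an added example, not part of the original post): root hints, a local master for `internal.digiship.com` and the 192.168 reverse zone, and a slave copy of `digiship.com`. The file names, the DHCP server address `192.168.0.2` and the ISP master address `192.0.2.53` are assumed placeholders, not values from the thread.

```conf
// Constructed example: addresses and file names are placeholders.
acl internal { 192.168.0.0/16; 127.0.0.1; };

options {
    directory "/var/named";
    allow-query { internal; };      // answer internal clients only
    allow-transfer { none; };       // no zone transfers of internal names
    // No "forwarders" line: resolution starts from the root hints below.
};

// Normal root hints file, as suggested in the reply.
zone "." {
    type hint;
    file "named.root";
};

// Internal forward zone, hosted locally.
zone "internal.digiship.com" {
    type master;
    file "db.internal.digiship.com";
    allow-update { 192.168.0.2; };  // assumed DHCP server address
};

// Matching reverse zone for the 192.168 addresses.
zone "168.192.in-addr.arpa" {
    type master;
    file "db.192.168";
    allow-update { 192.168.0.2; };  // assumed DHCP server address
};

// Local copy of the parent domain, so lookups in it stay inside.
zone "digiship.com" {
    type slave;
    masters { 192.0.2.53; };        // placeholder for the ISP's name server
    file "bak.digiship.com";
};
```

The slave zone only loads if the ISP permits zone transfers to the address this server appears as after NAT. An address-based `allow-update` list checks nothing but the source IP, so it should name only the DHCP server rather than the whole internal network.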



More information about the bind-users mailing list