stoopid question - split dns

Kelly Scroggins kelly at cliffhanger.com
Mon Jul 31 05:21:24 UTC 2000


Quoting Kevin Darcy <kcd at daimlerchrysler.com>:
   
   Kelly Scroggins wrote:
   
   > I'm sorry for the basic question but I'm a little confused.
   >
   > system : Red Hat 6.1
   > bind   : bind 8.2 ....
   >
   > I have the 'outside' name server (with the limited database) set up as a
   > slave and it is not allowed to transfer data from the master.  Because I
   > don't want the entire world to see the internal network information.
   > According to the logs (/var/log/messages), all zone files are loading
   > without errors.
   >
   > When setting up a split dns ... does the name server on the 'outside'
   > (that's the one with the limited database) have to be the master?  Can
   > it be the slave?
   >
   > If it's the slave, then the zone info would expire?  And if it expires,
   > are the db files deleted from the system?
   >
   > What have I mis-understood?
   
   The db files aren't deleted, but the server will stop answering
   authoritatively when the zone expires. This can conceivably cause problems
   with other nameservers.
   
   What do you hope to achieve by defining it as a slave instead of a master?
   A master file is where you maintain original zone data. That's what you're
   doing here, presumably, so why not just say what you mean?
   
I did say what I meant.  ?

How can I explain this to you?

I do not want all of my internal information to be
seen by the entire world (Internet).

I only want certain devices to be seen by the
entire world (Internet).

As I understand it, this is called split dns.

And I have concluded that the master server can
not be the server with the database that does not
have the full zone information in it.  i.e., the
server that's seen by the entire world (Internet).

I am asking this list if my understanding is
correct.  I am asking for guidance.  I am new to
this whole thing so please be patient with me.

I have three servers.  One is the master and the
other two are the slaves.

One of the slaves is transferring zone info with
our ISP.  So that (slave) server CANNOT have a full copy
of my zone info in its database because I DO NOT
want all of my internal zone information to be
seen by the entire world (Internet).

I hope I've made my questions clear.

Thanks,
kelly


   - Kevin
   
   
   
   


