how best to do? internal vs external
Dana Quinn
dana at enteract.com
Tue Jun 6 04:54:46 UTC 2000
Hi - we have a situation I'm not sure how to approach.
Our DNS for the outside world is hosted by the company
where our website is colo'd. The site is large, high
traffic, blah blah - the DNS for it can't go down, so
we turned that over to our hosting company. Fine, works
great.
Then, for internal use (this is the part I'm wondering
if there is a smarter thing to be doing), we run a nameserver,
for the same domain as our site, that holds all the same info
as the external DNS hosted by the hosting company, PLUS
records for internal machines - like intranet boxes, so on.
The basic thought was we didn't want to be possibly
exposing internal machine names on outside DNS - not that
they're vulnerable (or even reachable), we just don't want to
tell more about our internal environment than we need to.
This works fine, actually. Internal DNS is served
by this machine in our corporate office, over our corporate
WAN to the other offices. Works fine.
But now, our second largest office wants to run their own
DNS server, which needs to have this internal information,
but they can't transfer the zone files from this internal
DNS server, because it's not authoritative for this zone.
So I have a feeling we've gone awry here somewhere. There
must be a better way to do this - we'd like to keep our innards
private, but need to be able to transfer zones around the
company. Does anyone have any recommendations? Are we
just being stupid? (always a possibility!)
Anyway - thanks for any help possible!
dana
--
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I'm a fool - and she let me prove it + Dana Quinn
-Cesar Rosas "Little Heaven" + dana at enteract.com
+ linux type guy
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
More information about the bind-users
mailing list