Internal and external DNS

Kevin Darcy kcd at daimlerchrysler.com
Wed Oct 25 23:37:41 UTC 2000


NS records aren't used for "redirect"ing in the way you describe. They just
provide ways for nameservers to find other nameservers which can answer a
particular query. A regular desktop client doesn't use NS records implicitly
for resolving queries.

Sounds like you need to implement the classic "split DNS" where you duplicate
your external-only names into your internal DNS zone so that internal clients
can resolve those names in addition to the internal ones. I know all too well
that this is a pain. One idea would be to automate this by periodically
zone-transferring your external zone(s) and then merging its/their contents
into the internal zone(s). Me? Since I actually control both internal and
external DNS, I just make all changes for external names in both places
(external updates are manual now, but I plan to automate this as I switch over
all of my maintenance systems to Dynamic Update).


- Kevin

Guy wrote:

> Hi all,
>
> Must be a very easy question, but there is something I could not understand
> in the bind documentation, so if I could get an example it would be better:
>
> We have an "internal" DNS that we are using for our private IP addresses
> (these addresses are not registered anywhere).  We also can use our ISP's
> DNS, to access the internet. As we have now to give the address of the
> internal DNS on all our PCs, I want to redirect the local unresolved
> addresses to the ISP's DNS. Will it be enough to add in our DNS an "NS
> record" pointing to the ISP's DNS, or will I have to add something
> somewhere. Our DNS server is a Unix (AIX) server.
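
The automation idea from the reply above (zone-transfer the external zone, then merge it into the internal one), as an added example that is not code from this thread. The zone name, addresses, the one-record-per-line input format and the "internal record wins" merge policy are all assumptions made for illustration.

```python
# Constructed sample data in the style of `dig AXFR` output; names and addresses are made up.
EXTERNAL_AXFR = """\
; constructed sample: external view of example.com
example.com.        3600 IN SOA   ns1.example.com. hostmaster.example.com. 2000102501 3600 900 604800 3600
example.com.        3600 IN NS    ns1.example.com.
example.com.        3600 IN MX    10 mail.example.com.
ns1.example.com.    3600 IN A     192.0.2.53
www.example.com.    3600 IN A     192.0.2.10
mail.example.com.   3600 IN A     192.0.2.25
portal.example.com. 3600 IN CNAME www.example.com.
example.com.        3600 IN SOA   ns1.example.com. hostmaster.example.com. 2000102501 3600 900 604800 3600
"""
INTERNAL_ZONE = """\
example.com.        3600 IN SOA   ns-int.example.com. hostmaster.example.com. 2000102501 3600 900 604800 3600
example.com.        3600 IN NS    ns-int.example.com.
ns-int.example.com. 3600 IN A     10.0.0.53
mail.example.com.   3600 IN A     10.0.0.25
portal.example.com. 3600 IN A     10.0.0.80
"""

def parse(text):
    """Parse 'owner ttl class type rdata' lines into (owner, ttl, type, rdata) tuples."""
    records = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith(";"):
            continue  # blank line or dig comment
        owner, ttl, _rclass, rtype, rdata = line.split(None, 4)
        records.append((owner.lower(), int(ttl), rtype.upper(), " ".join(rdata.split())))
    return records

def merge(internal, external):
    """Return (merged, skipped): internal records plus the external ones that do not collide."""
    apex = next(o for o, _, t, _ in internal if t == "SOA")
    rrsets = {(o, t) for o, _, t, _ in internal}
    names = {o for o, _, _, _ in internal}
    cnames = {o for o, _, t, _ in internal if t == "CNAME"}
    merged, skipped = list(internal), []
    for rec in external:
        owner, _, rtype, _ = rec
        if (rtype == "SOA" or (rtype == "NS" and owner == apex)  # authority data stays internal
                or (owner, rtype) in rrsets                      # internal answer wins
                or owner in cnames                               # a CNAME must stand alone
                or (rtype == "CNAME" and owner in names)):
            skipped.append(rec)
        else:
            merged.append(rec)
    return merged, skipped
```

The merge only ever flows from external to internal, so private names and addresses never end up in the externally served zone; the `skipped` list is worth logging so that collisions between the two views get reviewed.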






More information about the bind-users mailing list