Split DNS questions

jeff donovan jdonovan at dns.beth.k12.pa.us
Fri Aug 30 14:03:45 UTC 2002


>
>Basically. But be aware that you're going to have to maintain parallel
>versions of your internal zones on each server, with the internal
>version of the zone being a superset of the external version. Forwarding
>is granular only to the zone level, so if your internal server is
>authoritative for, say, example.com, it will never query any other
>nameserver for any name in example.com. This implies that all of your
>external names will need to appear in the internal version of the zone
>as well as all of the "private" names.
OK... that doesn't seem to be too big of a problem, other than 
having to maintain two sites.

The Internal zone hosting private address space and global addresses
and
The External server just hosting the global addresses

My question is, how do I set the external server to accept forward 
requests that the internal server cannot resolve (e.g. www.isc.org: 
internal client points to internal DNS, the query should forward to 
the external server, right?)

Is there something special I need to set on the external server to 
accept the queries from the internal server? I know you mentioned 
"allow-recursion".
Would this work:

options {
         // My_Internal_DNS is a named acl defined elsewhere in named.conf
         allow-recursion { My_Internal_DNS; };
};


Of course I would have to create a static map through my firewall to 
match the IP list.

Thanks for the input.

--j
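
The two-server layout discussed in this message, written out as an added example that is not part of the original post or of any poster's configuration. All addresses, the client range and the file paths are assumptions: 192.0.2.53 stands for the external server, and 192.0.2.10 for the address the internal server appears as after the firewall static map.

```conf
# ---- internal server: named.conf (constructed example) ----
options {
    directory "/var/named";
    // Names this server is not authoritative for are sent to the external server.
    forwarders { 192.0.2.53; };        // assumed address of the external server
    forward only;                      // do not fall back to iterating from the inside
    allow-query { 10.0.0.0/8; };       // assumed internal client range
};

// Internal version of the zone: the private names plus every external name.
// Because this server is authoritative here, nothing under example.com is
// ever forwarded, so a name missing from this file is NXDOMAIN for internal clients.
zone "example.com" {
    type master;
    file "internal/example.com.db";
};

# ---- external server: named.conf (constructed example) ----
acl "My_Internal_DNS" {
    192.0.2.10;                        // assumed post-NAT address of the internal server
};

options {
    directory "/var/named";
    // Recursion only for the internal server; everyone else gets
    // authoritative answers for the zones below and nothing more.
    allow-recursion { My_Internal_DNS; };
};

// External version of the zone: global addresses only.
zone "example.com" {
    type master;
    file "external/example.com.db";
    allow-query { any; };
};
```

The acl on the external server has to list the source address that server actually sees, which is the translated address when the internal server sits behind the firewall mapping.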


