Setup questions from a BIND newbie

Kevin Darcy kcd at daimlerchrysler.com
Wed Nov 20 00:46:59 UTC 2002


Jeremy Grand-Scrutton wrote:

> I have some experience of DNS under Windows 2000, but am looking to set up
> BIND 9.2.1 on Red Hat 8.0.  I have registered my own domain name, and
> am happy to continue using my ISP's nameservers to manage external DNS
> entries for this domain, e.g. WWW, SMTP, etc.  I would, however, like
> to use the same domain name for my internal network, with my Red Hat
> box doing the name resolution for internal resources and forwarding
> requests for external resources.
>
> My question is: How do I do this?

Well, the simple answer is that you don't. What most folks do is set up
a zone for their internal DNS, being a superset of what is in their
external DNS. The downside is that one has to maintain both zones in
parallel -- this is a little easier when one hosts both the internal and
external versions of the zone on the same machine (using the
"view" mechanism, for instance), because then one can share the common
records via an $INCLUDE file.

If you have a small number of internal entries, or if you can arrange
for most/all of your internal entries to be put into a subdomain of your
main domain, e.g. internal.example.com, then another approach is to make
each internal name, or each "branch" of internal names, a zone which is
only defined on (all of) your internal nameservers. This approach tends
to require a lot of named.conf maintenance, however, especially if you
have many disparate internal names and/or many internal nameservers,
which is why folks generally go with the approach above.

A hybrid approach is also possible. The apex zones of domains we use
internally and externally, for instance, e.g. chrysler.com,
daimlerchrysler.com, have internal and external versions which are
maintained in parallel. But there are many descendant zones of those
zones which are used exclusively internally or exclusively externally,
and entries in those zones only need to be added in one place.


- Kevin
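
Added example, not part of the original message: a sketch of the "view" plus $INCLUDE layout described above, written as a shell function that lays the files out in a scratch directory. The zone name example.com, the file names, the ACL name "inside" and all addresses (192.0.2.0/24, 192.168.1.0/24) are constructed for illustration.

```shell
#!/bin/sh
# Added example. Usage: write_split_dns /tmp/split-dns-demo
# File paths inside the configs are relative to named's "directory" option.
write_split_dns() {
    d=$1
    mkdir -p "$d/zones" || return 1

    # Records common to both versions of the zone, maintained once.
    cat > "$d/zones/example.com.common" <<'EOF'
@       IN NS   ns1
ns1     IN A    192.0.2.53
www     IN A    192.0.2.80
EOF

    # External version: SOA plus the shared records only.
    cat > "$d/zones/example.com.external" <<'EOF'
$TTL 86400
@ IN SOA ns1.example.com. hostmaster.example.com. ( 2002112001 3600 900 604800 86400 )
$INCLUDE zones/example.com.common
EOF

    # Internal version: a superset, shared records plus internal-only hosts.
    cat > "$d/zones/example.com.internal" <<'EOF'
$TTL 86400
@ IN SOA ns1.example.com. hostmaster.example.com. ( 2002112001 3600 900 604800 86400 )
$INCLUDE zones/example.com.common
fileserver IN A 192.168.1.10
printer    IN A 192.168.1.20
EOF

    # named.conf fragment: once views are used, every zone must live in a view.
    # Views are matched in order, so "internal" must come before the catch-all.
    cat > "$d/named.conf.views" <<'EOF'
acl "inside" { 127.0.0.1; 192.168.1.0/24; };
view "internal" {
    match-clients { "inside"; };
    recursion yes;
    zone "example.com" { type master; file "zones/example.com.internal"; };
};
view "external" {
    match-clients { any; };
    recursion no;
    zone "example.com" { type master; file "zones/example.com.external"; };
};
EOF
}
```

If BIND is installed, running named-checkzone example.com zones/example.com.internal from the scratch directory confirms that the $INCLUDE resolves and the zone loads.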



