shadow namespace?

Jeff Lasman jblists at nobaloney.net
Wed Oct 9 23:30:53 UTC 2002


Joseph S D Yao wrote:

> One way to do this is with two separate views, each containing a
> different version of the zone.  You would, perhaps, have all shared IP
> addresses in a separate file that is $INCLUDEd into both.  Any IP
> addresses that are only in one or the other might be in a separate
> $INCLUDE file, or in the zone file directly.

How about this way, Joseph (speaking for myself and my domain, of
course)...

The domain is nobaloney.net.  I've got public services, and private
machine names.  For example, www, mail, pop, etc., have published
internet-accessible IP#s, while machine names, such as jesse, elijah,
joshua, etc., have private IP#s.  It seems very convenient to me to just
list them all in my publically accessible zone-file.  Just what in the
way of security, or anything else, am I giving up, with this technique?

Tia.

Jeff
-- 
Jeff Lasman <jblists at nobaloney.net>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net, P. O. Box 52672, Riverside, CA  92517
voice: +1 909 778-9980  *  fax: +1 909 548-9484


More information about the bind-users mailing list