Would this cause problems?

Simon Hobson shobson0211 at colony.com
Fri Sep 5 08:51:01 UTC 2003


Further to a discussion a while back on split roots etc, this is an 
idea I've come up with. It would seem OK to me, but can any of you 
see any problems it might cause?

Situation: as a group, we have many domain names used both internally
and externally. The DNS servers (and admins thereof) are widely 
distributed, and of various kinds (BIND, Novell, Windows).

What I thought could work would be:

We set up a number of DNS servers (which I'll call internal roots for 
want of something better) which have zones defined for all domain 
names used internally. Further, we put these in our DMZs (of which I 
believe there are/will be four around the world), and set up views 
for internal and external resolution.

In an ideal setup, each admin defines the domain names used 
internally and gives these 'internal roots' as the master servers;
their DNS servers then query these internal roots and get the full NS 
list for each zone.

However, if they do not define the internally used domains, their DNS 
servers will go and get the public NS pointers and go to the DNS 
servers in the DMZs using the public IPs. By correctly setting up the 
routing, and views, these servers will respond with the internal zone 
data, including the full list of internally accessible servers.

I suppose the big issue is the "correctly setting up the routing, and 
views" that I so casually throw in!

Simon

-- 

NOTE: This is a throw-away email address which will reach me for as 
long as it stays spam-free, remove date for real address.

Simon Hobson, Technology Specialist
Colony Gift Corporation Limited
Lindal in Furness, Ulverston, Cumbria, LA12 0LD
Tel 01229 461100, Fax 01229 461101

Registered in England No. 1499611
Regd. Office : 100 New Bridge Street, London, EC4V 6JA.
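
The proposal above depends on each DMZ server picking the internal view for every internal resolver, including those that arrive at its public IP. The following is an added example, not part of the original post: it models BIND's first-match view selection on query source address and audits which view a set of sources lands in. The networks, the sample addresses and the source-NAT case are constructed assumptions.

```python
import ipaddress

# Constructed view table, listed in named.conf order. BIND answers from the
# first view whose match-clients list contains the query's source address.
VIEWS = [
    ("internal", ["10.0.0.0/8", "192.168.0.0/16"]),
    ("external", ["0.0.0.0/0"]),  # stands in for match-clients { any; } (IPv4 only)
]

# Constructed sources and the view each one is supposed to receive.
EXPECTED = {
    "10.20.1.53": "internal",    # internal resolver, routed to the DMZ unchanged
    "203.0.113.10": "internal",  # internal resolver, source-NATed on the way (assumed)
    "198.51.100.7": "external",  # ordinary Internet client
}

def select_view(source, views=VIEWS):
    """Return the name of the first view whose ACL contains source, else None."""
    addr = ipaddress.ip_address(source)
    for name, acl in views:
        if any(addr in ipaddress.ip_network(net) for net in acl):
            return name
    return None

def audit(expected, views=VIEWS):
    """Return {source: (wanted, got)} for each source that lands in the wrong view."""
    results = {src: (want, select_view(src, views)) for src, want in expected.items()}
    return {src: pair for src, pair in results.items() if pair[0] != pair[1]}

def shadowed_views(views=VIEWS):
    """Views that can never match: each of their networks sits inside a single
    network of an earlier view (coverage by a union of networks is not checked)."""
    shadowed = []
    for i, (name, acl) in enumerate(views):
        earlier = [ipaddress.ip_network(n) for _, a in views[:i] for n in a]
        if acl and all(any(ipaddress.ip_network(n).subnet_of(e) for e in earlier)
                       for n in acl):
            shadowed.append(name)
    return shadowed

if __name__ == "__main__":
    print("wrong view:", audit(EXPECTED))
    print("shadowed if external is listed first:",
          shadowed_views(list(reversed(VIEWS))))
```

The NATed resolver is the case to watch: its queries arrive with a public source address, so an ACL built only from internal prefixes hands it the external zone data.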

