Multiple Network Subnets within same Domain Name Zone

Kevin Darcy kcd at daimlerchrysler.com
Wed Jun 23 18:09:56 UTC 2004


Saunders, Shawn wrote:

>Are there any potential problems with the following scenario?
>
>I am authoritative for a domain, say xyz.com that has some host addresses
>outside my firewall on public IPs.  But I must also have the hosts inside
>my firewall using Private Addresses 192.168.xxx.xxx within the domain
>xyz.com, because of some legacy software that would require a major rewrite
>to access these hosts, if we changed their naming structure.
>
>I just find it odd, to have multiple networks, being resolved to the same
>domain, and if I do this, there is no real way to do the reverse zones for
>the domain, because it would entail having multiple reverse zones for the
>same domain, and is that allowed?
>
Yeah, sure it's allowed. On our internal network, we have a public class 
A, several public class B's, and various private ranges, all 
intermingled within the same forward domain. (Actually, it's a 
many-to-many relationship, since we have several forward domains too).

You should *not* put private addresses in the Internet DNS, though, and 
if (as you indicated) you use private address ranges, you *must* define 
the relevant reverse zones in your DNS so as to prevent pollution of the 
Internet DNS infrastructure with your private-address reverse lookups. 
As Peter suggested, you may want to look at the "view" feature to 
resolve the same name to different addresses depending on what client 
(internal vs external) is doing the asking. Be aware that this will 
incur parallel maintenance, however...

                                                                         
                                 - Kevin
