Dual-homed DNS question

Kevin Darcy kcd at daimlerchrysler.com
Fri Jan 21 21:14:22 UTC 2005

Michael wrote:

>I need to know the best way to design my DNS setup for a couple of production servers.  Each server has two NICs, one in the 10.1 domain and the other in the 10.2 domain.  The 10.2 NICs are connected to a separate switch so I can do large file transfers, backups, etc. without impacting the users who connect via the 10.1 switches.  These servers all, because of the backup software I am using, must be able to resolve each other's names to 10.2 addresses.  No problem, just bring up named on one of them and populate it with the four names.

I'm not sure why you brought up a separate instance of named on a box 
whose primary role is something other than DNS. Wouldn't it have made 
more sense to put the names in your regular DNS domain, running on your 
regular DNS infrastructure?

>My question is this.  How do I then resolve the names of the other servers who have the same domain name, but have 10.1 addresses?  I don't want to have to maintain two DNS zones on two servers for all of the 10.1 nodes.

Well, you could host the different zones on the _same_ nameserver.

>I tried forwarders, but I guess I don't fully understand what that option does.  What I want is to resolve the name on the 10.2 server, but if the name isn't found, pass the request along to the other server which is authoritative for the rest of the names.

No, BIND doesn't implement any form of "NXDOMAIN-based forwarding", i.e. 
forwarding a query if the name being queried _should_ be in an 
authoritative zone but doesn't happen to exist there.

But, I guess I don't understand why this is a problem in the first 
place. Why wouldn't the following work?

server1 a
server2 a
server1-backup a
server2-backup a

The backup software would know the boxes by the "-backup" names (you 
could of course substitute whatever variants you wanted there), and 
everyone else would know them by the regular names.

For that matter, you could put the "backup" names in a totally different 
domain. You could even have your own ".backup" TLD if you wanted.

                                          - Kevin
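
Added example, not part of the original message: a small Python check that a zone following the "-backup" naming scheme above keeps regular names on the user network and "-backup" names on the backup network. The addresses, the /16 masks and the `server3` entry are constructed assumptions; the post gives only the 10.1 and 10.2 prefixes.

```python
import ipaddress

# Constructed sample zone data; every address here is an assumption.
SAMPLE_ZONE = """\
server1         IN A 10.1.0.11
server2         IN A 10.1.0.12
server1-backup  IN A 10.2.0.11
server2-backup  IN A 10.1.0.99   ; mistake: backup name on the user network
server3         IN A 10.1.0.13   ; mistake: no -backup record
"""

USER_NET = ipaddress.ip_network("10.1.0.0/16")    # assumed mask
BACKUP_NET = ipaddress.ip_network("10.2.0.0/16")  # assumed mask
SUFFIX = "-backup"


def parse_a_records(text):
    """Return {owner: [address, ...]} for simple 'name [ttl] [IN] A addr' lines."""
    records = {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop zone-file comments
        if len(fields) >= 3 and fields[-2].upper() == "A":
            addr = ipaddress.ip_address(fields[-1])
            records.setdefault(fields[0].lower(), []).append(addr)
    return records


def check_split(records):
    """List records that break the user/backup network separation."""
    problems = []
    for name, addrs in sorted(records.items()):
        is_backup = name.endswith(SUFFIX)
        wanted = BACKUP_NET if is_backup else USER_NET
        for addr in addrs:
            if addr not in wanted:
                problems.append(f"{name}: {addr} is outside {wanted}")
        if not is_backup and name + SUFFIX not in records:
            problems.append(f"{name}: no {name}{SUFFIX} record")
    return problems


if __name__ == "__main__":
    for problem in check_split(parse_a_records(SAMPLE_ZONE)):
        print(problem)
```
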
