Running DNS on non-registered IP address space
Kevin Darcy
kcd at daimlerchrysler.com
Mon Nov 28 21:09:10 UTC 2005
Mark B wrote:
>I have a DNS server on a LAN which is running on a registered IP
>subnet. This DNS server contains an MX record for an email server
>located on the same LAN, and it is doing zone transfer to a secondary
>DNS server residing outside of the LAN. It's possible that I'll have to
>switch the LAN to a non-registered (ie., 192.168.x.x) address space,
>and I'm wondering if there's a way to continue running the DNS server
>on the internal LAN in that situation, and still maintain email and
>zone transfer capability.
>The zone I'm running is third-level, ie. xxxx.yyy.com
>
You didn't say what clients are using your nameserver. Are they Internet
clients? If so, then 192.168.*.* won't route and you'll need to do some
form of NAT and/or port forwarding. Whether that works for DNS or not is
up to your NAT/port-forwarder implementation/vendor. Zone transfers
*should* work just as well as queries do, because the only real
difference between the two is that TCP is always mandatory for zone
transfers. TCP is sometimes necessary for regular queries too, so any
reasonable DNS implementation will allow both protocols.
If you're just serving internal clients, then the fact that you're
running on a 192.168.*.* address shouldn't be fundamentally different
than running on any other address range. You'll just have to migrate
nameservice just like you normally would.
- Kevin
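The reply says three things have to survive the move behind NAT: ordinary queries over UDP/53, the same queries over TCP/53 (needed whenever a UDP answer comes back truncated), and zone transfers, which are always TCP. The script below is an added example for checking exactly that from the outside; it is not part of the thread and not BIND code. It uses only the Python standard library, builds the DNS messages by hand (RFC 1035 header and question, 2-byte length prefix for TCP), and takes the server address and zone name as placeholders you supply.

```python
import socket
import struct

QTYPE_MX = 15     # MX record, the one the original poster cares about
QTYPE_AXFR = 252  # full zone transfer, TCP only


def encode_name(name: str) -> bytes:
    """Encode a dotted hostname as a sequence of length-prefixed labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError("label length must be 1..63: %r" % label)
        out += struct.pack("B", len(label)) + label.encode("ascii")
    return out + b"\x00"


def build_query(name: str, qtype: int, qid: int = 0x1234) -> bytes:
    """Standard query: RD bit set, one question, IN class, no other sections."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def tcp_frame(msg: bytes) -> bytes:
    """DNS over TCP prefixes every message with a 2-byte big-endian length."""
    return struct.pack("!H", len(msg)) + msg


def parse_header(data: bytes) -> dict:
    """Pull the fields a reachability check needs out of a response header."""
    if len(data) < 12:
        raise ValueError("short DNS message")
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", data[:12])
    return {
        "id": qid,
        "qr": bool(flags & 0x8000),   # 1 = this is a response
        "tc": bool(flags & 0x0200),   # truncated: client must retry over TCP
        "rcode": flags & 0x000F,      # 0 NOERROR, 3 NXDOMAIN, 5 REFUSED, ...
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }


def recv_exact(sock, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed mid-message")
        buf += chunk
    return buf


def udp_query(server: str, msg: bytes, timeout: float = 3.0) -> bytes:
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(msg, (server, 53))
        data, _ = s.recvfrom(4096)
    return data


def tcp_query(server: str, msg: bytes, timeout: float = 3.0) -> bytes:
    """Send one framed message and read back the first framed response."""
    with socket.create_connection((server, 53), timeout=timeout) as s:
        s.sendall(tcp_frame(msg))
        (length,) = struct.unpack("!H", recv_exact(s, 2))
        return recv_exact(s, length)


def check_nat_dns_path(server: str, zone: str) -> dict:
    """Probe UDP/53, TCP/53 and AXFR against a (NAT-forwarded) nameserver.

    server and zone are placeholders for your forwarded address and zone.
    Each result is True only if a response came back with RCODE 0; for the
    AXFR probe the first message must also carry at least one answer RR.
    """
    results = {}
    mx = build_query(zone, QTYPE_MX)
    try:
        results["udp_mx"] = parse_header(udp_query(server, mx))["rcode"] == 0
    except OSError:
        results["udp_mx"] = False
    try:
        results["tcp_mx"] = parse_header(tcp_query(server, mx))["rcode"] == 0
    except OSError:
        results["tcp_mx"] = False
    try:
        h = parse_header(tcp_query(server, build_query(zone, QTYPE_AXFR)))
        results["tcp_axfr"] = h["rcode"] == 0 and h["ancount"] > 0
    except OSError:
        results["tcp_axfr"] = False
    return results


if __name__ == "__main__":
    # Placeholder values; replace with the NAT's public address and your zone.
    print(check_nat_dns_path("192.0.2.1", "xxxx.yyy.com"))
```

Run it from a host outside the LAN, ideally from the secondary itself. A failing `udp_mx` with a working `tcp_mx` (or the reverse) points at the port-forwarding rules rather than at the nameserver; an AXFR that answers with RCODE 5 (REFUSED) means TCP/53 is forwarded but the primary's transfer ACL does not match the source address it now sees, which is worth knowing because NAT can rewrite that address.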