Split view - different records in zones

Kevin Darcy kcd at daimlerchrysler.com
Thu Sep 15 15:56:03 UTC 2005 

Karntol Dernsef wrote:

>Heya there,
>I've got a question concerning the split view, concerning the fact that 
>there are differences between the internal and the external zones.
>
>We've got some zones hosted in the internal DNS, for example named 
>bummer.org <http://bummer.org>, we host this one because we use an intranet 
>server and some other A records, pointing to servers within our walls. For 
>example intranet01.bummer.org <http://intranet01.bummer.org>.
>
>But then, the website and the maildomain is hosted and maintained/built by 
>our hosting company, and the DNS is hosted there too. So we do need some 
>records pointing to external IP adresses, for the domain
>mail.bummer.org<http://mail.bummer.org>and
>www.bummer.org <http://www.bummer.org> for example. From here, we've got a 
>problem, because the bummer.org <http://bummer.org> zone is hosted 
>internally, the resolvers try to resolve the records in the internal zone 
>from our authoritative DNS server. But, there is no
>mail.bummer.org<http://mail.bummer.org>there, and no www record there.
>Also, when we will create them, we will have
>a problem again, when the hosting company decides to create a 
>www01.bummer.org <http://www01.bummer.org>, or a
>projects.bummer.org<http://projects.bummer.org>to which is linked from
>the website for example.
>
>What would be the best way to tackle this problem, is there a possibility 
>that our resolvers try to resolve a record on the Internet in a particular 
>zone, when our authoritative DNS server says there is no such record in that 
>particular zone? Is there a configuration option like that in named.conf? 
>
>The thing is, we just migrated the DNS from another company to do it 
>ourselves, and we just migrated the zones without changing the content, 
>except the NS records of course. It seems that they have overcome this 
>problem in some way too, but we can't ask (well, actually we can, but we 
>don't expect an answer)
>
>Or should we maintain the external records also internally? The problem is 
>that we have two static databases which can get inconsistent because of 
>humans need to communicate the changes.
>
>It is no option to just host for example bummer.int <http://bummer.int>, and 
>keep that zone in our internal servers, it is a huge organisation, and it 
>will take months to arrange that. 
>
>I hope someone can point me in some good directions for this.
>
There is no provision for "forward-on-NXDOMAIN" in BIND, so you'll have 
to maintain the external entries in the internal version of the zone(s). 
For us, this is an automatic feature of our homegrown maintenance system.

                                                                         
                                    - Kevin

More information about the bind-users mailing list