Nameservers not reachable by the roots
ewilts at ewilts.org
ewilts at ewilts.org
Tue Feb 21 15:01:47 UTC 2006
Do nameservers have to be reachable by the roots? I've got a weird
case where the nameservers are behind firewalls and should only be
reachable for users who tunnel in. So, for example, I'd like to have a
domain example.com with DNS server entries 10.0.0.1 and 10.0.0.2. When
the tunnel is up, these are reachable. When the tunnel is done,
they're not. However, nobody will be able to determine the validity of
the domain unless they have a tunnel. Is this allowed in DNSland? We
seem to recall that registrars don't want you to register a domain
without a valid DNS server - in this case, it doesn't appear valid to
the registrar even though it is for the people that have the
authorization to look up the entries in the domain.
Thanks,
.../Ed
More information about the bind-users
mailing list