delegation of subdomains

Marc Haber mh+bind-users at
Sun Oct 7 05:02:14 UTC 2007

On Thu, Oct 04, 2007 at 06:49:14AM -0700, Markus Boehmer wrote:
> I have a question concerning delegation and want to know, if and how
> this can work.
> 1. Domain is "" - DNS-server is somewhere outside the company
> lan with internet access and is reachable from the internet
> 2. Domain to delegate is - DNS-server is inside the company
> lan, has internet access, but is not reachable from the internet.
> Is this possible?
> If I got this all correct, then the 1. Server don't has to have access
> to the 2. Server, only the clients, which want to get some information
> from the 2. Server.

This is possible if does only need to be visible from the
internal network - it's a common setup for internal networks.

You need to make sure that the resolvers that the clients in the
internal network use know about and where to obtain
information for that domain. If they're bind, a forward zone on the
resolvers will help here.

A different possibility would be to have a different view on the
external DNS server, including the delegation for for
queries originating with the internal network.

Having the delegation visible worldwide would be a lame delegation for
clients not on the local network, which I consider a config error.


Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190

More information about the bind-users mailing list