Split pocket DNS question

natrbrazell at cox.net natrbrazell at cox.net
Tue Jun 24 11:32:12 UTC 2008

I was hoping it was something simple like that but could not seem to find a reference to it anywhere online. When that happens I assume that either I am the only one doing this or I've done something wrong. It would be good if some of the howtos on the BIND website (or elsewhere) specifically addressed this. It seems obvious but ...

Thanks for the help.
---- Barry Margolin <barmar at alum.mit.edu> wrote: 
> In article <g3opqn$2hba$1 at sf1.isc.org>, <natrbrazell at cox.net> wrote:
> > I have a potentially stupid question but here goes anyway.  I configured my 
> > DNS servers in a splitpocket configuration in my DMZ.  I have 2 zones 
> > internal and external but I only have 1 interface on the DNS servers.  My 
> > firewall has a global set of external IPs that will get forwarded to the DNS 
> > servers.  My question is with respect to zone transfers.  With one interface 
> > on the box when I restart my DNS services the private IP space gets sent to 
> > my slave DNS server as my public addresses so dnsstuff will say my DNS 
> > servers are being advertised as 172.16.x.x addresses which obviously causes 
> > problems.  Now the stupid question...
> > 
> > Am I supposed to have 2 interfaces in my Split DNS machines ?
> You don't need 2 interfaces, but you do need 2 IPs on the one interface.  
> The slaves should use the "transfer-source" option in each view to 
> ensure that they transfer the appropriate version of each zone.
> -- 
> Barry Margolin, barmar at alum.mit.edu
> Arlington, MA
> *** PLEASE don't copy me on replies, I'll read them in the group ***
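
A sketch of the setup described in the reply above, added here as an example and not taken from either poster's configuration: the slave carries two addresses on its one interface and uses a different "transfer-source" per view, so the master can tell the two transfer requests apart by source address. All addresses, the zone name example.com and the file paths are constructed assumptions.

```bind
// ---- slave: named.conf fragment; all addresses are constructed ----
// Assumed: master is 172.16.0.10; the slave holds 172.16.0.21 and
// 172.16.0.22 on its single interface.
view "internal" {
    match-clients { 172.16.0.0/16; };
    zone "example.com" {
        type slave;
        masters { 172.16.0.10; };
        transfer-source 172.16.0.21;         // master maps this to its internal view
        file "slaves/internal/example.com";  // file must differ per view
    };
};
view "external" {
    match-clients { any; };
    zone "example.com" {
        type slave;
        masters { 172.16.0.10; };
        transfer-source 172.16.0.22;         // master maps this to its external view
        file "slaves/external/example.com";
    };
};

// ---- master: named.conf fragment ----
view "internal" {
    // Views are tried in order and ACL elements match first-hit, so the
    // slave's "external" address is rejected here before the 172.16 net.
    match-clients { !172.16.0.22; 172.16.0.0/16; };
    zone "example.com" {
        type master;
        file "master/internal/example.com";
        allow-transfer { 172.16.0.21; };     // only the slave's internal source
    };
};
view "external" {
    match-clients { any; };
    zone "example.com" {
        type master;
        file "master/external/example.com";
        allow-transfer { 172.16.0.22; };     // only the slave's external source
    };
};
```

The per-view "allow-transfer" lists keep the internal zone from being transferred by anything other than the slave's internal source address. A NOTIFY from the master is handled only in the slave view that matches the master's source address, so the other view picks up changes at the SOA refresh interval.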

