Split pocket DNS question
Mark_Andrews at isc.org
Tue Jun 24 22:28:34 UTC 2008
> I was hoping it was something simple like that but could not seem to find a r
> eference to it anywhere online.
Well you have failed the read the FAQ which shipped with
BIND 9 or the online copy of it.
> When that happens I assume that either I am
> the only one doing this or I've done something wrong. It would be good if so
> me of the howto's on the bind website (or elsewhere) specifically addressed t
> his. It seems obvious but ...
> Thanks for the help.
> ---- Barry Margolin <barmar at alum.mit.edu> wrote:
> > In article <g3opqn$2hba$1 at sf1.isc.org>, <natrbrazell at cox.net> wrote:
> > > I have a potentially stupid question but here goes anyway. I configured
> > > DNS servers in a splitpocket configuration in my DMZ. I have 2 zones
> > > internal and external but I only have 1 interface on the DNS servers. My
> > > firewall has a global set of external IP's that will get forwarded to the
> > > servers. My question is with respect to zone transfers. With one interf
> > > on the box when I restart my DNS services the private IP space gets sent
> > > my slave DNS server as my public addresses so dnsstuff will say my DNS
> > > servers are being advertised as 172.16.x.x addresses which obviously caus
> > > problems. Now the stupid question...
> > >
> > > Am I supposed to have 2 interfaces in my Split DNS machines ?
> > You don't need 2 interfaces, but you do need 2 IPs on the one interface.
> > The slaves should use the "transfer-source" option in each view to
> > ensure that they transfer the appropriate version of each zone.
> > --
> > Barry Margolin, barmar at alum.mit.edu
> > Arlington, MA
> > *** PLEASE don't copy me on replies, I'll read them in the group ***
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users