Delegating and slaving of same zone - good idea or just plain stupid?

Peter Laws plaws at ou.edu
Tue Oct 7 19:46:23 UTC 2008


OK, so for historical reasons, we have servers that serve records for a 
fake internal-only domain whose hosts are all in RFC-1918 space (call those 
"Internal").  They're different from the servers that host our real domain 
on real address space (call those "External").

A while back, we made our External servers slaves for the forward and 
reverse zones on the Internal server.

Now it turns out that I need to delegate off a part of 10.in-addr.arpa. 
Thing is, we never actually delegated that space or the other RFC-1918 
stuff officially.

Clearly, I need to do that before I go delegating some zone off those 
parents (we really should only have one root, even if the Internal stuff 
never goes anywhere - outside, BLACKHOLE-1.IANA.ORG owns 10.in-addr.arpa. 
after all).

My quandary is that I don't think everything pointed at the External 
servers can see (network-wise) those Internal servers, so they wouldn't be 
able to follow the delegation ...

So can I keep slaving and still delegate?  I'm thinking not, but I can't 
find any examples where it's OK or warnings that it's not in some light 
googling this afternoon.

I fear causing the internets to implode and no one wants that.

Peter


-- 
Peter Laws / N5UWY
National Weather Center / Network Operations Center
University of Oklahoma Information Technology
plaws at ou.edu
-----------------------------------------------------------------------
Feedback? Contact my director, Craig Cochell, craigc at ou.edu. Thank you!


More information about the bind-users mailing list