2 dns records for same server

WBrown at e1b.org WBrown at e1b.org
Mon Aug 20 13:33:44 UTC 2012

"Lightner, Jeff" <JLightner at water.com> wrote on 08/20/2012 08:56:56 AM:

> That is to say don't put the external servers in /etc/resolv.conf on
> your clients - only put the internal one there.  (Or the Windows 
> equivalent setup should only see your internal DNS server.)

Or push via DHCP as in this case.
> I would correct the prior post not to say "EVER" but rather "not 
> directly".   Often in an internal/external configuration only the 
> "external" server queries the internet and the internal one forwards
> requests it gets to the external one.   It doesn't matter if the 
> external server the internal DNS server is pointing to also has 
> records for the domains because the internal server would already 
> have answered for the domains it is authoritative for before trying 
> to forward.   We have internal/external setup here for one domain 
> and have no problems doing this.   (Oddly enough we also have views 
> but that's another story...)

We're using different semantics here.  I meant that the workstation should 
only send queries to the internal server and get answers from same.  Where 
that data comes from, is not important, at least from the perspective of 
the workstation as long as it is correct. 

Put another way, packets are only exchanged between workstation and the 
internal name server. 

Also, this is only for normal operations.  Use of host/dig/nslookup 
directed at any specific DNS servers not included.

Confidentiality Notice: 
This electronic message and any attachments may contain confidential or 
privileged information, and is intended only for the individual or entity 
identified above as the addressee. If you are not the addressee (or the 
employee or agent responsible to deliver it to the addressee), or if this 
message has been addressed to you in error, you are hereby notified that 
you may not copy, forward, disclose or use any part of this message or any 
attachments. Please notify the sender immediately by return e-mail or 
telephone and delete this message from your system.

More information about the bind-users mailing list