BIND and DNSSEC

Sten Carlsen stenc at s-carlsen.dk
Fri Nov 2 01:43:40 UTC 2012


On 02/11/12 2:08, Barry S. Finkel wrote:
> On 11/1/2012 3:31 PM, Sten Carlsen <stenc at s-carlsen.dk> wrote:
>> The typical server setup (for own servers) is that one name is used for
>> setting up e.g. the mail server, the ideal situation for everybody is
>> that whether I am in house or visiting you, if I have any internet
>> access, I can read and send mail.
>>
>> Now if there is an internal zone with a different name, how will you set
>> up the mail client? internal name is not accessible from outside and
>> external name is not present in internal name space. -> two mail
>> clients? changing setups when moving between networks?
> In this case, either 1) you have one mail server at the external border
> and one mail server internal, or 2) the same MX record in the external
> and internal view. You can have a common records file that you
> $INCLUDE in both views.
> --Barry Finkel

This will work for smtp service, I see a host of interesting issues with
IMAP service. Two mail servers that must be synchronized within a
minute, I don't think that is standard.

The simple solution (small scale) is to have one server, sitting
internally or in DMZ, the internal address record points to the
192.168.x.x address and the external address record points to the public
address of the router, which then has a virtual server set up for it.
This works flawless, I never consider if I am in or out of the house.

-- 
Best regards

Sten Carlsen

No improvements come from shouting:
       "MALE BOVINE MANURE!!!"

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20121102/b9083fb7/attachment.html>


More information about the bind-users mailing list