Authoritative dns with private IP for hostname

Browne, Stuart Stuart.Browne at team.neustar
Tue Jul 31 02:01:09 UTC 2018 

Be wary of DNAME's; they can be quite limited.

Here's an example from our old system:

internal.   3600    IN      SOA     mgmt1.mel.internal.local. sysadmin.external.com.au. 2014051201 28800 14400 3600000 86400
internal.   3600    IN      NS      mgmt1.mel.internal.local.
internal.   3600    IN      NS      mgmt1.syd.internal.local.
internal.   3600    IN      DNAME   external.com.au.

Which means internally we can look up "host.internal" and it will translate to "host.external.com.au".

Stuart

From: bind-users [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Elias Pereira
Sent: Tuesday, 31 July 2018 10:06 AM
To: Grant Taylor; bind-users at lists.isc.org
Subject: Re: Authoritative dns with private IP for hostname

Could you give me an example of how to do with DNAME?

Em seg, 30 de jul de 2018 20:16, Grant Taylor via bind-users <bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>> escreveu:
On 07/30/2018 04:54 PM, Elias Pereira wrote:
> Thanks to everyone that help me!!!

You're welcome.

> The Grant Taylor tuto works like a charm!!! :)

I'm glad that it worked for you.

Note:  I call this technique "Apex Override".

I believe the Apex Override technique can be used anywhere you want to
selectively override a (single) FQDN.

I suspect there are some more nefarious things that you can do with
this, particularly if combined with DNAME.  But I try to keep my hit a
lighter shade of gray.



--
Grant. . . .
unix || die

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.isc.org_mailman_listinfo_bind-2Dusers&d=DwMFaQ&c=MOptNlVtIETeDALC_lULrw&r=udvvbouEjrWNUMab5xo_vLbUE6LRGu5fmxLhrDvVJS8&m=nupolP4thDlJODqxLEi-dEDhN8WVngTMx1q-ts6PxaA&s=E4pMIDm6PieL30gKBZtAGZE8Jedqx6UV_kvFvWxLdXE&e=> to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>
https://lists.isc.org/mailman/listinfo/bind-users<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.isc.org_mailman_listinfo_bind-2Dusers&d=DwMFaQ&c=MOptNlVtIETeDALC_lULrw&r=udvvbouEjrWNUMab5xo_vLbUE6LRGu5fmxLhrDvVJS8&m=nupolP4thDlJODqxLEi-dEDhN8WVngTMx1q-ts6PxaA&s=E4pMIDm6PieL30gKBZtAGZE8Jedqx6UV_kvFvWxLdXE&e=>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180731/3244a0dc/attachment-0001.html>

More information about the bind-users mailing list