Design Question

Konstantin Agouros elwood at agouros.de
Mon Mar 25 20:24:22 UTC 2013


Hi,

since Resolver and Auth server are no longer destined to run on the same box or as one process for that matter
how is one supposed to set up a Nameserver in a typical enterprise environment where I have a split DNS setting with
zone for the LAN only visible on the inside and normally that nameserver that all the clients get pointed to also does
recursive resolving at least in part (yes it might make sense from a security point of view not to allow this to the clients
but the sad truth is, that in 90% of the companies I see this is the case). So using DHCP I can point the clients either to the
resolver or the auth server assigning both would lead to connection timeouts depending on the client implementation if they
ask the wrong one for the address to resolve. If the resolver is queried it only know servers on the outside where the local zones are
not known and are not supposed to be known.

How do I set this up with just bind10?

Konstantin
--
Dipl-Inf. Konstantin Agouros aka Elwood Blues. Internet: elwood at agouros.de
Altersheimerstr. 1, 81545 Muenchen, Germany. Tel +49 89 69370185
----------------------------------------------------------------------------
"Captain, this ship will not survive the forming of the cosmos." B'Elana Torres







More information about the bind10-users mailing list