On 12/11/2021 17:14, Reindl Harald wrote:
Am 12.11.21 um 17:48 schrieb lejeczek via bind-users:
Hi guys.
I'm looking to setup my subdomin in-house and I'm hoping
for some wise advises from experts, it's my first foray
into this thus go easy on me please.
zone.top - is hosted by a public registrar
priv.zone.top - I want to delegate to my own bind
I'd hope for some generic recipe and pointer to docs,
thanks.
needs to be done in the parent zone by whoever hosts it
Now what I think might be the tricky part though I get
that an expert might say - trivial.
I am thinking of 'views' or split-horizon or whatever
other nomenclature applies, though I hear that that/those
are discouraged by experts?
Or! might that above be unnecessary(?) if, it's possible
and allowed that such public, mine bind will resolve to
IPs which are 'private' - all that so my 'priv.zone.top'
will resolve to whole www but resources of the
zone/domain will be available, as they are, only in/via
private networks.
Does that make sense?
wouldn't it be easier to setup two different subdomains in
which case you don't need delegation at all - your local
named would hist the internal subdomain and doing
recursion for everything else
i mean when it's private and not www why does the world
need to know about the subdomain?
Because I might not be able to control nor have input into
local-private bind(s) and thus...
clients/nodes on private networks would query www/public
bind and only then would learn of 'priv.zone.top' and then,
via that delegation to my own binds, 'priv.zone.top' would
be served to local-private networks.
- here is where 'views' come to mind, on my binds...
but to make it even more tricky - but some expert may still
say, trivial - currently deployed binds of mine do not
support "split-horizon"
So..
the easiest way out of which I can think would be to have my
binds to simply point to those private/local IPs - here I
wonder, as a newbie has to, if that would make DNS protocols
unhappy or perhaps I get kicked in the teeth right at start.
thanks, L.
_______________________________________________
Please visit
https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
ISC funds the development of this software with paid
support subscriptions. Contact us at
https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users