Re: DNS records visible only for LAN computers

2009-11-18 Thread Kevin Darcy

Peter Macko wrote:

Setup:
I have a domain example.com that is hosted on DNS under control of my 
internet provider.

Web server www.example.com is hosted by another company.
I have setup a local DNS for computers on my LAN. I have a LDAP server 
on LAN.


Question:
I want to make LDAP visible only for computers on LAN without altering 
DNS (of the internet provider).
The name of LDAP server should be ldap.example.com. Is it possible to 
do it?


I can think of two solutions:
1) I could create master zone for example.com on DNS (on LAN). This 
way I have to create A record for www.example.com, but if internet 
provider changed ip address of the web-server, computers on lan would 
not reach www.example.com and I would have to update A record on 
local DNS.

2) Another solution is to create zonefile for subdomain 
local.example.com on LAN DNS, so ldap.local.example.com.

But this is not exactly what I want.

3) Create a zone called ldap.example.com. Put the A record for your 
LDAP server at the apex of the zone.


Obviously, this isn't really scalable -- you don't want to have to 
create zones and zone definitions for every resource on your LAN, but 
this is the price you pay for being so disjointed from your 
webservice/external-DNS provider that they don't even bother telling you 
when they change the IPs of your main website. If you want scalability, 
you should take control of example.com yourself and then implement 
something like views to control how it is presented to internal versus 
external clients.



  - Kevin


___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
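
The views approach suggested in the reply above, as an added example (not 
part of the original thread and not ISC's own configuration): a BIND 9 
named.conf in which ldap.example.com exists only in the zone file served 
to LAN clients. It assumes you run the authoritative servers for 
example.com yourself; the ACL name, the 192.168.1.0/24 range, the 
directory and the zone file names are hypothetical.

```conf
// Added example; ACL name, address range and file paths are assumptions.
acl "lan" {
    localhost;
    192.168.1.0/24;            // constructed LAN range
};

options {
    directory "/var/named";
    allow-transfer { none; };  // no zone transfers unless explicitly granted
};

// Views are tried in order; the first whose match-clients fits is used.
// Once any view exists, every zone statement must live inside a view.
view "internal" {
    match-clients { "lan"; };
    recursion yes;             // LAN clients may resolve outside names

    zone "example.com" {
        type master;
        // Public records (www, ...) plus:  ldap  A  <LAN address of LDAP server>
        file "internal/example.com.zone";
    };
};

view "external" {
    match-clients { any; };
    recursion no;              // authoritative-only towards the Internet

    zone "example.com" {
        type master;
        // Same public records, with no ldap record at all
        file "external/example.com.zone";
    };
};
```

named-checkconf parses the file before named is reloaded. A query for 
ldap.example.com from an address outside the "lan" ACL is answered from 
the external zone file, which has no such name.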


DNS records visible only for LAN computers

2009-11-15 Thread Peter Macko

Setup:
I have a domain example.com that is hosted on DNS under control of my 
internet provider.
Web server www.example.com is hosted by another company.
I have setup a local DNS for computers on my LAN. I have a LDAP server 
on LAN.

Question:
I want to make LDAP visible only for computers on LAN without altering 
DNS (of the internet provider).
The name of LDAP server should be ldap.example.com. Is it possible to 
do it?

I can think of two solutions:
1) I could create master zone for example.com on DNS (on LAN). This 
way I have to create A record for www.example.com, but if internet 
provider changed ip address of the web-server, computers on lan would 
not reach www.example.com and I would have to update A record on 
local DNS.

2) Another solution is to create zonefile for subdomain 
local.example.com on LAN DNS, so ldap.local.example.com.
But this is not exactly what I want.

What is the correct solution?

Thank you

Re: DNS records visible only for LAN computers

2009-11-15 Thread Josh Kuo
Check out views or split DNS.

On Sunday, November 15, 2009, Peter Macko peter_ma...@msn.com wrote:





 Setup:
 I have a domain example.com that is hosted on DNS under control of my 
 internet provider.
 Web server www.example.com is hosted by another company.
 I have setup a local DNS for computers on my LAN. I have a LDAP server 
 on LAN.

 Question:
 I want to make LDAP visible only for computers on LAN without altering 
 DNS (of the internet provider).
 The name of LDAP server should be ldap.example.com. Is it possible to 
 do it?

 I can think of two solutions:
 1) I could create master zone for example.com on DNS (on LAN). This 
 way I have to create A record for www.example.com, but if internet 
 provider changed ip address of the web-server, computers on lan would 
 not reach www.example.com and I would have to update A record on 
 local DNS.

 2) Another solution is to create zonefile for subdomain 
 local.example.com on LAN DNS, so ldap.local.example.com.
 But this is not exactly what I want.

 What is the correct solution?

 Thank you


Re: DNS records visible only for LAN computers

2009-11-15 Thread Mark Andrews

In message snt114-w6194bd51e06259d620d29387...@phx.gbl, Peter Macko writes:
 Setup:
 I have a domain example.com that is hosted on DNS under control of my 
 internet provider.
 Web server www.example.com is hosted by another company.
 I have setup a local DNS for computers on my LAN. I have a LDAP server 
 on LAN.

 Question:
 I want to make LDAP visible only for computers on LAN without altering 
 DNS (of the internet provider).
 The name of LDAP server should be ldap.example.com. Is it possible to 
 do it?

 I can think of two solutions:
 1) I could create master zone for example.com on DNS (on LAN). This 
 way I have to create A record for www.example.com, but if internet 
 provider changed ip address of the web-server, computers on lan would 
 not reach www.example.com and I would have to update A record on 
 local DNS.

 2) Another solution is to create zonefile for subdomain 
 local.example.com on LAN DNS, so ldap.local.example.com.
 But this is not exactly what I want.

 What is the correct solution?

Why don't you just create the zone ldap.example.com locally and
transfer it between your local servers?

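// named.conf on the local servers
zone ldap.example.com {
        ...
        allow-query  { localnets; };    // answer only directly attached networks
};

; zone file for ldap.example.com; the LDAP server's addresses sit at the apex (@)
$TTL 3600
@ SOA internal.example.com. peter_macko.msn.com. 1 1200 600 36 180
@ NS internal.example.com.
@ A <IPv4 address of ldap server>
@ AAAA <IPv6 address of ldap server>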

 Thank you
 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org