DNS Question

Aleksandar Milivojevic amilivojevic at pbl.ca
Fri Dec 17 22:04:46 UTC 2004


Nathaniel Hall wrote:
> I am new to DNS, but I have it mostly configured and working.  The only 
> part I am not able to figure out is a piece I am not sure can even be 
> done.  Here is the problem:
> 
> We would like to be able to configure a DNS server for use within our 
> DMZ for small internal servers.  Our ISP maintains our external DNS 
> presence so we do not want to make this our only point of resolution.  
> I have set up the domain to resolve names inside of domain.com.  If the 
> site is not located internally, it passes the query for unkowndomain.net 
> to our ISP's DNS servers and on from there.  To minimize the amount of 
> updates we would have to perform on our DMZ DNS, we would like to pass 
> queries for domain.com to the ISP if it is not found within the DMZ DNS.

The simple and obvious solution (if your ISP is willing to do it) would be:

Make your DMZ name server the master for your zone (domain).  Have ISP 
configure DNS server(s) on their side as slaves for your zone (using 
your DMZ name server as master).  You update DNS records at one place 
(your DMZ DNS server) and ISP will be updated automatically by zone 
transfers (if ISP's name server supports notifications, this will be 
instant; if not, then after whatever the configurable poll interval is).

You get best of both worlds:

   - you update data at *one* place
   - you update on the server that *you* control
   - ISP is your second point of resolution
   - plus data on your DMZ DNS and on ISP DNS is always the same

You can also have it the other way around (master at ISP, your DMZ 
machine as slave), if your ISP is willing to configure their master DNS 
server to allow this.

-- 
Aleksandar Milivojevic <amilivojevic at pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7
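
Added example, not part of the original message: a sketch of the master/slave arrangement described above, assuming both sides run BIND 9 (the thread does not name the server software). The IP addresses are documentation-range placeholders, the key name and file paths are hypothetical, and the secret is a placeholder.

```conf
# ---- named.conf on the DMZ name server (master) ----
# Constructed addresses: 192.0.2.10 = DMZ master, 198.51.100.53 = ISP slave.

# Shared TSIG key (hypothetical name). The same key statement must
# also be configured on the ISP side.
key "dmz-isp-xfer" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";    # placeholder, generate your own
};

zone "domain.com" {
    type master;
    file "domain.com.zone";

    # Weak setting to avoid:  allow-transfer { any; };
    # It lets any host pull the whole zone and enumerate your servers.
    # Restrict transfers to requests signed with the shared key.
    allow-transfer { key "dmz-isp-xfer"; };

    # Send NOTIFY only to the listed slave so changes propagate at once
    # instead of waiting for the SOA refresh (poll) interval.
    notify explicit;
    also-notify { 198.51.100.53; };
};

# ---- named.conf on the ISP name server (slave) ----
key "dmz-isp-xfer" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";    # same placeholder value
};

# Sign every request sent to the master with the shared key.
server 192.0.2.10 {
    keys { "dmz-isp-xfer"; };
};

zone "domain.com" {
    type slave;
    masters { 192.0.2.10; };
    file "slaves/domain.com.zone";
};
```

Zone transfers run over TCP port 53, so the DMZ firewall has to permit that from the slave's address only; `named-checkconf` validates the syntax on each side before reloading.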



