Re: Please advice on making external zone visible on inside.

In article <c80g8b$ufj$1@sf1.isc.org>,
Fredrik Hakansson <fredrik@spamme.younix.se> wrote:

> Hello good people!
>
> I have a customer with internal root name-servers. Now they need to be
> able to see one of their external DNS zones hosted on their own external
> name servers.
>
> To complicate this further they use the same zones on the inside as on the
> out side. They have decided to migrate out from dual copies of the
> zone files.
>
> Lets say they have zone.com on their inside and zone.com on the out side.
> They want to start use foo.zone.com on the out side but also see it from
> the inside. To solve this and without having to double administer i have
> thoughts about delegate from the inside this sub zone foo.zone.com to
> their external name servers. One thing i am scared of is what if for some
> reason the internal name-servers could learn the NS pointers from the
> external zone.com. If this happens chaos will ensure.
>
> Forwarding is not an option since this is a huge company spread globally
> with hundreds of name-servers.
>
> Have anybody done similar things and have some tips or is there other ways
> of doing this.

You could have the external nameserver move foo.zone.com into a separate
zone, so that the NS records will match the expectations.

--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***