[WARNING! This is a long discussion!]
Is it possible to have a single DNS server support
two different domain names, with each domain
name having it's own forward and reverse lookups?
The problem I seem to run into is that of reverse
lookups; I cannot seem to figure out just how to
have common reverse IP lookups separated so that
it returns the correct domain name based on the
domain name itself.
For example and on a single server: (f=forward, r=reverse)
Domain: domain1.com <inside (private)>
f-IP: 10.1.0.1 host1.domain1.com
10.1.0.2 host2.domain1.com
r-IP: 1 host1.domain1.com
2 host2.domain1.com
Domain: domain1.com <outside (Internet)>
f-IP: 216.99.218.1 host1.domain1.com
216.99.218.2 host2.domain1.com
r-IP: 1 host1.domain1.com
2 host2.domain1.com
Domain: domain2.com <inside (private)>
f-IP: 10.1.0.1 host1.domain2.com
10.1.0.2 host2.domain2.com
r-IP: 1 host1.domain2.com
2 host2.domain2.com
Domain: domain2.com <outside (Internet)>
f-IP: 216.99.218.1 host1.domain2.com
216.99.218.2 host2.domain2.com
r-IP: 1 host1.domain2.com
2 host2.domain2.com
The problem I ran into is that I could not figure out
how to separate the reverse IP tables with each of the
respective domain names because there is only one
file, ie:
0.1.10.in-addr.arpa
218.99.216.in-addr.arpa
The conflict I have is, that for a reverse IP call for domain1
would return the IP that the reverse IP file has contained in
it, for one can only have one reverse IP assignment. For
example. the above reverse IP file (218.99.216.in-addr.arpa)
contains:
1 host1.domain1.com
2 host2.domain1.com
What I'd really like to have:
1 host1.domain1.com
1 host1.domain2.com
2 host2.domain1.com
2 host2.domain2.com
But I believe this is not allowed at all for either the first or
last item searched is returned and the others ignored? How can
I have separate reverse IP files assigned for each respective
domain names?
Here is what I have (partially) from named.conf:
============================================
view "internal" {
// This should match out internal network
match-clients {
10.0.0.0/8;
127.0.0.1;
};
// Provide recursive service to internal clients, only.
recursion yes;
// Provide a complete view of your local DNS zone
// including addresses of internal hosts.
zone "." IN {
type hint;
file "named.ca";
};
// Provide a complete view of your local DNS zone
// including addresses of internal hosts.
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
zone "domain1.com" IN {
type master;
file "domain1-10.1.0.zone";
allow-update { none; };
};
zone "domain2.com" IN {
type master;
file "domain2-10.1.0.zone";
allow-update { none; };
};
// Reverse IP table supports both domain1 and domain2
// How do we assign exclusive reverse IP for each domain name?
zone "0.1.10.in-addr.arpa" IN {
type master;
file "0.1.10.in-addr.arpa";
allow-update { none; };
};
};
// End of internal view
view "external" {
match-clients { any; };
// Refuse recursive service to external clients.
recursion no;
// Provide restricted view of the zone
// containing only publicly accessible hosts.
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
zone "domain1.com" {
type master;
file "domain1-216.99.218.zone";
};
zone "domain2.com" IN {
type master;
file "domain2-216.99.218.zone";
allow-update { none; };
};
// Reverse IP table supports both domain1 and domain2
// How do we assign exclusive reverse IP for each domain name?
zone "218.99.216.in-addr.arpa" IN {
type master;
file "218.99.216.in-addr.arpa";
allow-update { none; };
};
};
// End of external view
============================================
My goal here is to support redundancy by having two
separate servers, each supporting two domain names
so that if one server drops dead, the other server will
take over and also, I really do not want to have 4 different
servers, two for each domain name so, it is about cost
as well.
Does this scenario make any sense at all?
I have looked for examples on the Internet but I could
not find anything that can shed some light on this. Perhaps
someone can point me in the right direction or - perhaps this
is a nutty idea and there is a better way?
Kind regards,
Dan
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
