Split-dns using an existing private DNS server

[Des]

Is it possible to use an existing local DNS server to host the local copy of the domain DNS records - the one that points to a local resource, e.g. mail.localdomain, rather the external view of the same server, e.g. mail.mycompany.com?

Have I got this right? With Split-DNS, the local DNS and the external DNS both claim to be authoratative about mycompany.com; the local DNS has private IPs for local resources (192.168 etc) and the external DNS has external IPs for external resources (69.... etc)?

What about the local reverse lookup of mail.mycompany.com? DO I point 192.168.X.X at mail.mycompany.com or mail.localdomain?

Sorry if this has been asked to death.

[p_nyet]

please read this link

For secure and realiable domain name server [split dns]

[phoenix]

Quote:

Originally Posted by Des

Is it possible to use an existing local DNS server to host the local copy of the domain DNS records - the one that points to a local resource, e.g. mail.localdomain, rather the external view of the same server, e.g. mail.mycompany.com?

Have I got this right? With Split-DNS, the local DNS and the external DNS both claim to be authoratative about mycompany.com; the local DNS has private IPs for local resources (192.168 etc) and the external DNS has external IPs for external resources (69.... etc)?

What about the local reverse lookup of mail.mycompany.com? DO I point 192.168.X.X at mail.mycompany.com or mail.localdomain?

Sorry if this has been asked to death.

You point all your DNS records that are located on your LAN DNS server at your private LAN IP address. I'd also suggest that you use the same domain name for your lan DNS records as you have for the external domain name, it usually stops any confusion for your users.

[phoenix]

Quote:

Originally Posted by p_nyet

For secure and realiable domain name server [split dns]

Aren't the words 'secure' and 'bind' mutually exclusive? Surely the better choice would be a DNS server that's designed to be secure such as PowerDNS or one of the other secure DNS servers?

[Des]

Thanks for the comments guys.

[Des]

If I want my mail server to handle myfirstpublicdomain.com, I put a line in the /etc/hosts file like:

Code:

192.168.0.36   mail.mypublicdomain.com    mail

What happens when I want it to handle mail mynextpublicdomain.com as well?

Also, what address should I use for local clients that want to send mail via Zimbra? Assuming that they won't want to point to mail.mypublicdomain.com , I put a name in the local DNS that maps mail.localdomain to 192.168.0.36 and the clients use that name for local access.

Cheers,

[phoenix]

You only need the FQDN of your server in the hosts file, you don't need multiple entries. If you're going to host multiple domains on it you can add multiple DNS A & MX records that point to your Zimbra server LAN IP - that assumes you want them to use the url format of mail.domain1.com, mail.domain2.com etc. You shouldn't need anything else.

[Des]

Thanks, Bill. And the question about local client access?

[phoenix]

Quote:

Originally Posted by Des

Thanks, Bill. And the question about local client access?

I thought that was implicit in what I'd mentioned earlier. Your LAN users would need to use a url that points to your LAN IP of the server. I usually recommend that the domain name you use in your LAN DNS is the same as the one you use for your public DNS records as that obviates the need to have different urls for internal/external clients.