> From: Gary Gladney <glad...@stsci.edu> > Date: Tue, 25 May 2010 22:30:15 -0400 (EDT) > Sender: bind-users-bounces+oberman=es....@lists.isc.org > > We have some people at my site who like a zone configured on our > internal DNS server named xxxx.apple.com. The zone information would > not be replicated to our external server but I suggested this is not a > good idea basically because the domain name of apple.com and if for > some reason this zone information did replicate to our external server > it would create some problems. The reason for using this zone is they > want to be able to update MAC's but when they are connected to our > site they would use xxxx.apple.com and when they are not connected > they would use apple.com. If anyone else has an opinion about this I > would like to hear it.
First, it should not ever be seen externally unless you do something really dumb. But I have done things that were really dumb and you probably have, too. So, it gets on the external server. Who, outside of your organization would be sending a query for some domain inside of apple.com to your server? Let alone a single domain like xxxx? Seems like a pretty long shot. So, make a dumb mistake and have some system somewhere manage to have your server listed as a forwarder. Yes, I suppose something could actually cause a problem, but I think I'll put the concern just under getting struck by a meteorite in the way to work tomorrow. Now, Mark can explain what I overlooked and why this really IS a bad idea. Or, maybe I got it right. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: ober...@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
