On 3/29/2013 12:09 AM, Doug Barton wrote:
On 03/28/2013 12:28 PM, Ben-Eliezer, Tal (ITS) wrote:
My organization is evaluating the use of split-view DNS in our
environment.
Simple ... don't do it. It's almost never the right answer, and as
you're learning carries with it more administrative overhead than the
problems it's designed to solve.
Much better to spend the time carefully considering what your goals
are, and finding other ways to reach them.
And your alternative is what? Run the external version of the namespace
on a completely separate infrastructure from the internal version?
My personal preference is to make the upfront investment in developing a
split-view config and then pay less in hardware and maintenance costs
(in terms of the vendor and my own staff) in the long term, because I
have fewer nameservers to procure and manage. Of course, I'm a little
biased, since I've *already* developed that config, which rarely
requires tinkering, so the hardware and maintenance savings are just
gravy. For someone just starting out, the cost/benefit decision might be
a little tougher, especially if they're not experienced with BIND
configuration, and thus might cause a lot of
drama/nail-biting/disruption until they get it right.
- Kevin
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
