On Fri, 2005-09-23 at 12:39 -0600, Louis Zirkel wrote:
> Michael Torrie wrote:
> > I've figured out a way to do what I want to do.  This is a horrible
> > abuse of DNS, but it works.  
> What version of BIND are you running, and have you considered using split 
> horizon DNS?  I would think that it would provide a solution since you can 
> specify the zone files to use based on subnets.

BIND 9.  And split horizon DNS would be a bit of an overkill for me,
since what I'm doing (overriding is for every internal private
subnet. For the external public subnet, yes, split-horizon would be
great.  Rather than do split-horizon DNS, though, we just have two
servers.  One serves the private subnets (with the overriding
zones) and the other serves the public subnets.  The public one sits in
our DMZ.  Because our internal private DNS is tied to our DHCP server
for dynamic updates, we can't place it in the DMZ.  So there are some
architectural limitations here that prevent split horizon.


