I would appreciate some advice on a tricky name server
configuration problem. We have a fairly standard setup with:

  - an internal name server which knows about everything
    inside our domain with "forwarders <bastion-host>" and
    "slave" directives to direct external lookups; and
  - a bastion host which runs a domain name server:
      + the server knows about only a few of our publicly
        accessible internal hosts, and
      + bastion host clients query the internal server.

The problem is a third party which can be reached either on
the Internet or via a private network connection. The private
link is used for sensitive transactions on hosts which are not
accessible from the Internet. I need to be able to resolve
the names of these hosts.

Using host files on our clients is not an option. There are
too many clients - it really needs to be done by a name server.

One suggestion is to load the internal name server cache with
the required information. However, I have a vague recollection
of an assertion that cache-entry TTLs may be ignored.

Would anyone like to comment on the use of the cache for this
purpose, or offer any other solution?

Phil
-- Phil Chadwick
Email: syspmc @ dtir . qld . gov . au    ,-_|\   Supervisor, UNIX Support
Phone: +61 7 3247 9239                  /     *  Department of Training
Fax:   +61 7 3247 9111                  \_,-._/  and Industrial Relations
                                             v