1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2015
    Rep Power

    Split-DNS view/zone management


    We would like to set up split-dns so that external clients cannot resolve internal IPs. We currently have one 'default' view and will be creating a second 'Internal' view, with a match-client list to only allow our organization's IP ranges. We were told by our vendor that we would need to manually separate out which zones are Internal and which are External and put them in the corresponding view, however this leads to two issues:

    1) We have hundreds of zones so manually sorting is not an ideal option
    2) How would we keep the two Views in sync? We have about 500 users all with access to manage their own departmental zones.

    We are using BlueCat DNS servers and front-end GUI.

    Has anyone come across a similar scenario and found a better way to implement it?

    Please let me know what further information you need.

  2. #2
  3. Headless Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Washington, USA
    Rep Power
    Unless the BlueCat stuff provides a way to manage it automatically, you're stuck.

    But I wouldn't expect it to be a huge issue to keep running. Setting it up the first time, creating the zones and setting up the DNS records and all, will take time but there should be two factors that help you: DHCP should have internal systems automatically register with DNS, and external DNS shouldn't need to change pretty much ever (what with static IPs for the directly-connected systems).

    What needs to be kept in sync? What's the problem with managing the servers that need to be accessible internally and externally that isn't covered by the two factors above?

IMN logo majestic logo threadwatch logo seochat tools logo