From owner-freebsd-questions@FreeBSD.ORG Mon Apr 10 17:04:22 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2B84C16A405 for ; Mon, 10 Apr 2006 17:04:22 +0000 (UTC) (envelope-from xfb52@dial.pipex.com) Received: from smtp-out2.blueyonder.co.uk (smtp-out2.blueyonder.co.uk [195.188.213.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 33EF843D62 for ; Mon, 10 Apr 2006 17:04:19 +0000 (GMT) (envelope-from xfb52@dial.pipex.com) Received: from [172.23.170.138] (helo=anti-virus01-09) by smtp-out2.blueyonder.co.uk with smtp (Exim 4.52) id 1FSzoI-0005rx-ME; Mon, 10 Apr 2006 18:04:18 +0100 Received: from [80.192.25.195] (helo=[192.168.0.2]) by asmtp-out1.blueyonder.co.uk with esmtp (Exim 4.52) id 1FSzoH-00071k-TK; Mon, 10 Apr 2006 18:04:18 +0100 Message-ID: <443A9011.7040802@dial.pipex.com> Date: Mon, 10 Apr 2006 18:04:17 +0100 From: Alex Zbyslaw User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-GB; rv:1.7.12) Gecko/20060305 X-Accept-Language: en MIME-Version: 1.0 To: Matthias.Apitz@Sisis.de References: <20060410135448.GA10388@rebelion.Sisis.de> <443A6F64.70701@allenmyland.com> <20060410145154.GA11743@rebelion.Sisis.de> <443A74B6.20003@dial.pipex.com> <20060410154903.GA1133@rebelion.Sisis.de> In-Reply-To: <20060410154903.GA1133@rebelion.Sisis.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Cc: freebsd-questions@freebsd.org Subject: Re: /etc/resolv.conf with 3 nameservers X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Apr 2006 17:04:22 -0000 guru@Sisis.de wrote: >El d=EDa Monday, April 10, 2006 a las 04:07:34PM +0100, Alex Zbyslaw esc= ribi=F3: > =20 > >>There's nothing to stop you configuring that local nameserver to use=20 >>your two "backups" for names that it cannot resolve. >> >>You could then leave the two backups in /etc/resolv.conf but if your=20 >>local nameserver is authoritative for your local domain, then you=20 >>probably want to know if it goes away, and those backups won't be able = >>to look up names in your local domain. >> >>I'm making some assumptions about why you set things up this way in the= =20 >>first place, and I may be wrong, but there's too little info in your=20 >>post to give definitive suggestions. >> =20 >> > >The anderlying problem is that we are three companies, now connected >through VPN tunnels. Each company runs it's own DNS server internaly and= >without publicating all its names to Internet. The three DNS are >10.0.1.201 (mine one), xxx.xxx.xxx.xxx and yyy.yyy.yyy.yyy.=20 > >Any idea? Yes, in the future we will unify the whole zone, but this is >not a short term option... > =20 > Presumably all three ranges have distinct domain names E.g. company1.de = company2.de company3.de I am no expert of DNS, but isn't all you need for each "company" to run=20 nameservers which are slaves (secondaries) for the other 2 as well as=20 master of their own? So the nameserver at company1 is master for=20 company1.de and is a slave for company2.de and company3.de etc. Of course, you might want some redundancy in that scenario, with each=20 company running DNS on another server as well, and that one being a=20 slave for all 3 domains. If you don't know enough to do that, I strongly recommend getting the=20 latest edition of O'Reilly "DNS and BIND"; and you should find BIND doc=20 on your FreeBSD system starting in /usr/share/doc/bind9/arm/Bv9ARM.html. Best, --Alex