Bind updating outside zone

Split DNS can also be used to allow mail from outside back in to the internal network.

) has several corporate sites that have an internal network with reserved Internet Protocol (IP) space and an external demilitarized zone (DMZ), or "outside" section of a network, that is available to the public.

In order to accomplish this, the company will set up two sets of name servers.

One set will be on the inside network (in the reserved IP space) and the other set will be on bastion hosts, which are "proxy" hosts that can talk to both sides of its network, in the DMZ.

One common reason for setting up a DNS system this way is to hide "internal" DNS information from "external" clients on the Internet.

This is not done immediately after each dynamic update, because that would be too slow when a large zone is updated frequently.

Instead, the dump is delayed by up to 15 minutes, allowing additional updates to take place.

Changes that result from incoming incremental zone transfers are also journalled in a similar way.

The zone files of dynamic zones cannot normally be edited by hand because they are not guaranteed to contain the most recent dynamic changes — those are only in the journal file. When acting as a master, 9 supports IXFR for those zones where the necessary change history information is available.

Leave a Reply

Your email address will not be published. Required fields are marked *

One thought on “bind updating outside zone”