bind9 separated zone file for *.sub.domain.com

I want to create sub-subdomains that are only visible from my private network.

My named.conf.local looks like this:

acl internals {
    127.0.0.0/8;
    192.168.1.0/24;
};

view "internal" {
    match-clients { internals; };

    zone "local.domain.com" {
      type master;
      file "/var/lib/bind/local.domain.com.hosts";
    };

    zone "1.168.192.in-addr.arpa" {
      type master;
      notify no;
      file "/var/lib/bind/192.hosts";
    };
};

view "external" {
    match-clients { any; };

    zone "domain.com" {
        type master;
        file "/var/lib/bind/domain.com.hosts";
    };
};

How can I create the internal and external zone files if I don't want to expose the internal IP of the DNS server in my external zone declaration?

I don't want to do this; I don't want anyone to see the internal IP:

$ORIGIN local.domain.com.
@                                   IN      NS          ns1.local.domain.com.
ns1.local.domain.com.               IN      A           192.168.1.3

Answer

You need to have the main zone also defined differently in the internal view so that it has the delegation while the version in the external view doesn’t have the delegation.

With things like that, however, be prepared for a lot of troubleshooting. If a single application or user is not matched by the internal view, it won’t get the delegation and hence things will break, and you might lose a lot of time pinpointing that because, internally, you will see the delegation.

Not knowing any specifics of your use case, it is difficult to provide good advice, but using two separate domains might just be simpler.

PS: if you really need to obfuscate, please don’t do it blindly, and stop using any random name you invent, just use example.com.

Attribution
Source : Link , Question Author : Itpalert , Answer Author : Patrick Mevzek
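
The split-view layout the answer describes, as an added example that is not from the question or the answer author: `domain.com` is defined in both views with different zone files, and only the internal file carries the delegation and glue for `local.domain.com`. The `domain.com.internal.hosts` and `domain.com.external.hosts` file names are assumptions made for illustration; the reverse zone from the question is left out for brevity.

```conf
// named.conf.local -- added example; the *.internal.hosts / *.external.hosts
// file names are hypothetical, everything else is taken from the question.
acl internals {
    127.0.0.0/8;
    192.168.1.0/24;
};

view "internal" {
    match-clients { internals; };

    // Internal copy of the parent zone: this file carries the delegation.
    zone "domain.com" {
        type master;
        file "/var/lib/bind/domain.com.internal.hosts";
    };

    zone "local.domain.com" {
        type master;
        file "/var/lib/bind/local.domain.com.hosts";
    };
};

view "external" {
    // Views are matched in order, so this catches every client
    // that did not match the "internals" ACL above.
    match-clients { any; };

    // External copy of the parent zone: no NS or A record for
    // local.domain.com, so 192.168.1.3 never appears in public answers.
    zone "domain.com" {
        type master;
        file "/var/lib/bind/domain.com.external.hosts";
    };
};

// Records present ONLY in domain.com.internal.hosts, on top of whatever
// the external file contains:
//
//   local.domain.com.        IN  NS  ns1.local.domain.com.
//   ns1.local.domain.com.    IN  A   192.168.1.3   ; glue, internal only
```

A query for the `local.domain.com` NS records from an address outside the `internals` ACL should return no delegation and no 192.168.1.3 address, while the same query from inside the ACL should return both. `named-checkconf` and `named-checkzone` can validate the configuration and each zone file before reloading.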