On 29.6.2015 18:33, Matt . wrote:
> Hi Petr,
> No problem at all! I can remove/move things easily... but this
> splitbrain really makes these 2 networks standing on their own, which
> is what I need.
> Both are provisioned but not all the same. It gives me the flexibility
> we need, that's why it's not difficult to move, as it's flexible at
> the moment.

Yeah, you can get most flexibility by using two separate domains for each
network, possibly on two separate servers :-)

Let us know if you need further assistance.

Petr^2 Spacek

> 2015-06-29 18:26 GMT+02:00 Petr Spacek <pspa...@redhat.com>:
>> On 29.6.2015 18:22, Matt . wrote:
>>> Hi,
>>> Because it can happen that hostnames are used twice, but one for each 
>>> network.
>>> This sounds a little bit odd, but it has something todo with hostnames
>>> that are needed, public names and internal names. But as both networks
>>> have their own DNS servers, some records are just not provisioned so
>>> need to be added manually to the non-managed server.
>> Okay, so you basically wants 'DNS views'. There is only once advice about
>> that: "Do not do that" :-)
>> I would highly recommend you to read and follow following articles:
>> http://www.freeipa.org/page/Deployment_Recommendations#DNS
>> http://www.freeipa.org/page/DNS#Internal-only_domains
>> Sure, in already deployed network it is not easy but be assured that getting
>> rid of DNS views/split-brain DNS it will save you a lot of headaches in the
>> long term.
>> I'm sorry for uncomforting answers...
>> Petr Spacek  @  Red Hat
>>> 2015-06-29 17:11 GMT+02:00 Petr Spacek <pspa...@redhat.com>:
>>>> On 29.6.2015 16:10, Matt . wrote:
>>>>> Hi Petr,
>>>>> Yes I understand why this is "not possible". The idea was to have a
>>>>> managed DNS server from scripting and one for "other usage" by clients
>>>>> who only need to know about the "unknown" records on Server1, this as
>>>>> it should forward most and only do specific local lookups.
>>>>> Your subdomain solution might be something if I want to go this way.
>>>> I still do not understand the use case. Why not let scripts to modify 
>>>> records
>>>> on one single server?
>>>> --
>>>> Petr^2 Spacek

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to