On Wed, Feb 22, 2012 at 1:17 PM, ed ziots <[email protected]> wrote: > Split-brain DNS is not always a bad idea ...
I have yet to see an example where it's a good idea. > ( what is internal should be > internal and what is DMZ/External should be external) Which doesn't need split DNS to be accomplished. Indeed, split DNS goes against this principle, as now the same namespace is used for both internal and external. > I am assuming that you don't own the DNS Server that is authoriative for the > zone ( thisclient.com). I agree you could set up a thisclient.com dns zone > on a dns server you own within your site ( as long as the client is using > that dns server for resolving) ... One would almost certainly better off creating zones for each <host?.thisclient.com.>. By claiming authority for <thisclient.com.>, one occludes the public <thisclient.com.> zone, which is suboptimal at best, and the OP implies they have a desire to use records from the public zone. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
