Hello Andrea, On Apr 19, 2012, at 14:11 , Andrea Cappelli wrote:
>> a) assuming everybody who needs 3 will be using 1, just load the zone into >> the recursor > > You mean using the conf auth-zones in recursor conf? > > Like > > auth-zones = sub1.domain.com=/var/zones/sub1.domain.com, > sub2.domain.com=/var/zones/sub2.domain.com > > In this case the file /var/zones/sub1.domain.com should be a bind zone file? > > For example http://en.wikipedia.org/wiki/Zone_file Yes. >> b) if not, split 2 and 3 by running two powerdns instances. > > So I can put an instance on the public IP and an instance on the private IP, > and only the private instance is allowed to do recursion (to complain with 1) > ) Even simpler: you would put a pdns_server instance on the public IP, and a pdns_recursor instance on the private IP. > In this case (assuming private instance doesn't know about public domains) if > the private pdns is contacted for a public domain, it will go through > recursion and will contact the public pdns which will give the response: do > you think I can accept this scenario or I have to sync private with public > data, making it authorithative for those domains, for example using axfr A recursor, unless explicitly configured otherwise, will always find public domains without trouble, by iterating down from the root servers. Kind regards, -- Peter van Dijk Netherlabs Computer Consulting BV - http://www.netherlabs.nl/ _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
