Mailing List Archive

OT: DNS for data centers
Here's a question for those with DNS experience....

We have a requirement for our DC hosts to access some services/hosts using different IP addresses than the rest of campus. Sounds familiar right? We're investigating the best way to do this.

Are we looking at enabling split view DNS on our campus DNS servers? Or introducing a new set of data center DNS servers?

Here's the catch.... The DC servers need to access all the rest of the hosts at the same address of the rest of campus.

What we don't want to do is replicate our DNS zones in their entirety and then have to update each of them with each new DNS record request that comes in.

The question a few of us had is this.

Can a DNS server which is authoritative for a zone forward requests for that zone if they don't resolve internally?

The picture would be this.

Our campus DNS servers would remain. Two new DC DNS servers would be created with a handful (ok, more than a handful) of entries. The servers in the DC would point to the DC DNS server to get their information and the DC DNS server would forward the rest that it cannot resolve to our campus DNS servers.

The campus DNS servers would _never_ refer requests to the DC servers.

Thoughts? (about this request)

---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354 | lelio@uoguelph.ca<mailto:lelio@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, Twitter and Facebook

Re: OT: DNS for data centers [ In reply to ]
So to answer your question, I think it's no, but from a practical standpoint of addressing your problem I would:

I would just create zones just for those specific records on your DC DNS server(s)

So a zone for oddballserver1.uoguelph.edu pointing to 1.1.1.1 and so on and then forward all other traffic to your regular servers.

We do this in the other direction when the internal domain doesn't equal the public domain, but we have certain hosts like the exchange server or adfs server where we need the url to work internally but don't want to have to deal with all the normal www and other entries having to be maintained internally.

Matthew Loraditch
Sr. Network Engineer
p: 443.541.1518
w: www.heliontechnologies.com | e: MLoraditch@heliontechnologies.com
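The "one tiny zone per oddball host, forward everything else" layout suggested above, and the host2 case raised further down the thread, modelled in Python as an added example (not code from either poster or from any DNS product). The IP addresses are constructed placeholders and the campus side is a static table standing in for the campus resolvers that unresolved queries are forwarded to.

```python
# Added example modelling the DC resolver design from this thread. Not code
# from either poster; addresses are constructed placeholders, and the campus
# side is a static table standing in for the campus resolvers queries are
# forwarded to.

# Campus (public) view of the names, as the campus DNS servers answer them.
CAMPUS_RECORDS = {
    "dchost1.catering.uoguelph.ca": "203.0.113.10",  # public address
    "host2.catering.uoguelph.ca": "203.0.113.20",    # no DC equivalent
    "www.uoguelph.ca": "203.0.113.80",
}

# DC-side override zones: zone apex -> records in that zone. Each zone is
# named after one host, so the DC servers are authoritative only for the
# names that must differ inside the DC.
DC_ZONES = {
    "dchost1.catering.uoguelph.ca": {"dchost1.catering.uoguelph.ca": "10.20.0.10"},
}

# The tempting but wrong layout: one DC zone for the whole parent domain.
BAD_ZONES = {
    "catering.uoguelph.ca": {"dchost1.catering.uoguelph.ca": "10.20.0.10"},
}

def _labels(name):
    """Split an FQDN into labels, ignoring case and a trailing dot."""
    return name.rstrip(".").lower().split(".")

def closest_zone(qname, zones):
    """Most specific zone apex enclosing qname, or None.
    A DNS server picks the zone with the longest matching suffix, so a zone
    for dchost1.catering.uoguelph.ca does not capture its sibling host2."""
    q = _labels(qname)
    best = None
    for apex in zones:
        a = _labels(apex)
        if len(a) <= len(q) and q[len(q) - len(a):] == a:
            if best is None or len(a) > len(_labels(best)):
                best = apex
    return best

def dc_resolve(qname, zones=DC_ZONES):
    """Resolver behaviour of the DC DNS servers: (ip_or_None, source).
    source is 'dc-zone' when the name lies inside an override zone (answered
    locally and never forwarded, so a missing record means NXDOMAIN) and
    'forwarded' when the query went to the campus resolvers."""
    key = qname.rstrip(".").lower()
    apex = closest_zone(qname, zones)
    if apex is not None:
        return zones[apex].get(key), "dc-zone"
    return CAMPUS_RECORDS.get(key), "forwarded"

if __name__ == "__main__":
    for name in CAMPUS_RECORDS:
        print(name, dc_resolve(name), dc_resolve(name, BAD_ZONES))
```

The BAD_ZONES run shows why the override zones must be named per host: a DC-side zone for catering.uoguelph.ca would make the DC servers authoritative for host2 as well and return NXDOMAIN instead of forwarding.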
Re: OT: DNS for data centers [ In reply to ]
So, here's the catch:

In the DC DNS:

dchost1.catering.uoguelph.ca points to the DC IP address

Outside of the DC DNS:

dchost1.catering.uoguelph.ca points to the public IP address
host2.catering.uoguelph.ca points to the public IP address (there is no DC equivalent of this host)

Hosts in the DC need to resolve host2.catering.uoguelph.ca as well.

I'm not sure this works.

---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354 | lelio@uoguelph.ca<mailto:lelio@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, Twitter and Facebook

Re: OT: DNS for data centers [ In reply to ]
You can definitely do this. If nothing else you can use host files, but you can for sure do it with servers as well.

I’m not sure what type of servers you use for DNS, but if visually seeing a Windows server with it would help, DM me next week and I can show you one.


Matthew Loraditch
Sr. Network Engineer
p: 443.541.1518
w: www.heliontechnologies.com | e: MLoraditch@heliontechnologies.com
Re: OT: DNS for data centers [ In reply to ]
Lol. I mentioned host files….. ;)

Which can be centrally managed and distributed, but it's not ideal.

We’re using an appliance so we have some options but no ability to “hack” our files, so to speak. It has to be standard DNS configuration options.

Let’s touch base next week. Having even a quick idea we can transfer will help!

---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354 | lelio@uoguelph.ca<mailto:lelio@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, Twitter and Facebook
