Re: Internally managing only certain DNS records for a domain

Hi Sam,

There's nothing stopping you from creating a Forward Lookup Zone called
"sub.other.com". Add a Host (A) record with a blank name and the
internal IP (that'll appear as "(same as parent folder)" in the console).

Flush the DNS cache on a client and you should find that a lookup for
sub.other.com resolves to the internal IP, while all other hosts under
other.com continue to resolve to public addressing.

HTH

Chris

On 11/16/2009 9:46 AM, Chris Dent wrote:
> There's nothing stopping you from creating a Forward Lookup Zone called
> "sub.other.com". Add a Host (A) record with a blank name and the
> internal IP (that'll appear as "(same as parent folder)" in the console).
>
> Flush the DNS cache on a client and you should find that a lookup for
> sub.other.com resolves to the internal IP, while all other hosts under
> other.com continue to resolve to public addressing.

Very, VERY, *VERY* nice (if not nasty) trick. I think I'll add that to
my tool box.



Grant. . . .

"Grant Taylor" <> wrote in message
news:he57hm$li8$...
> On 11/16/2009 9:46 AM, Chris Dent wrote:
>> There's nothing stopping you from creating a Forward Lookup Zone called
>> "sub.other.com". Add a Host (A) record with a blank name and the internal
>> IP (that'll appear as "(same as parent folder)" in the console).
>>
>> Flush the DNS cache on a client and you should find that a lookup for
>> sub.other.com resolves to the internal IP, while all other hosts under
>> other.com continue to resolve to public addressing.
>
> Very, VERY, *VERY* nice (if not nasty) trick. I think I'll add that to my
> tool box.
>
>
>
> Grant. . . .


Grant, this is a common trick, err, configuration, so to speak. The reason
it works is that sub.other.com is a specific namespace. If any queries come
in with that namespace or zone, DNS will respond to it with what's in the
zone, otherwise, any queries to "anythingelse.com" will be recursed out
(either forwarders or Roots) because it doesn't host that zone. It looks
locally first for an exact match before it looks elswhere.

Ace

On 11/19/2009 11:44 PM, Ace Fekay [MCT] wrote:
> Grant, this is a common trick, err, configuration, so to speak. The
> reason it works is that sub.other.com is a specific namespace. If any
> queries come in with that namespace or zone, DNS will respond to it
> with what's in the zone, otherwise, any queries to "anythingelse.com"
> will be recursed out (either forwarders or Roots) because it doesn't
> host that zone. It looks locally first for an exact match before it
> looks elswhere.

I understand completely why it work. I had just never thought of using
it that way. I love the idea. I've also shared it with a couple of
groups of fellow administrators already.

It's one of those things that is so simple and obvious it gets missed.
You know, "...can't see the forest for the trees...".



Grant. . . .

"Grant Taylor" <> wrote in message
news:he5amu$m8m$...
> On 11/19/2009 11:44 PM, Ace Fekay [MCT] wrote:
>> Grant, this is a common trick, err, configuration, so to speak. The
>> reason it works is that sub.other.com is a specific namespace. If any
>> queries come in with that namespace or zone, DNS will respond to it with
>> what's in the zone, otherwise, any queries to "anythingelse.com" will be
>> recursed out (either forwarders or Roots) because it doesn't host that
>> zone. It looks locally first for an exact match before it looks elswhere.
>
> I understand completely why it work. I had just never thought of using it
> that way. I love the idea. I've also shared it with a couple of groups
> of fellow administrators already.
>
> It's one of those things that is so simple and obvious it gets missed. You
> know, "...can't see the forest for the trees...".
>
>
>
> Grant. . . .

Good analogy. :-)

Ace