RE: [cobalt-users] DNS problems

[<rpaiz@xxxxxxxxxxxxxx>]

> Ermmm... Sorry :) My post was clearly incomplete... The 
> problem is that we run domain.com, but none of our
> subdomains (machine.domain.com) appear outside of our
> internal network.
> 
> We run a DNS server (as secondary) in one of our Qubes, and 
> we have our backbone providing primary DNS resolution.
> 
> I have all the subdomains registered on the Qube (sub1.domain.com,
> sub2.domain.com, etc), but ONLY on the Qube (which acts as a 
> secondary DNS server)

Well, someone around here with more Cluefulness may correct me, but
it's my impression that the only time anyone is going to consult the
secondary DNS is if the primary's down. However, you probably have
your internal clients using the Qube as primary DNS, therefore they
can see the subdomains. No one else can, as no one else is asking the
Qube.

Simplest solution here is to reverse things. Change the registration
so that your Qube is the primary and the ISP is the secondary; while
this may slow things down to the requester by about 1/100 of a second,
you'll get total control of your DNS and the secondary (at the ISP)
will update itself and cover for you if the Qube is down.

Otherwise, you're going to have to make sure that your ISP makes all
the DNS entries you need... yuck.

Another thing: remember that machine.domain.com would be a perfectly
valid domain name for The Machine Company, Inc. This would be a 
third-level domain name, and is operated just like a normal one. So,
another option is to let your ISP maintain primary control of the
second-level domain 'domain.com' and ensure that its DNS server
"delegates" control of subdomains machine, machine2, etc. to your
Qube. But then you need a primary and a secondary for each subdomain
as well, and... I just think it's more bother than it's worth in your
case. I'd stick with switching the roles.

-- 
Rodolfo J. Paiz
rpaiz@xxxxxxxxxxxxxx <mailto:rpaiz@xxxxxxxxxxxxxx>