Knowledgebase Article wrong? Splitbrain DNS

Hi :slight_smile:,

found this article in the Knowledge Base: https://help.univention.com/t/how-to-configure-dns-splitbrain/20145

I'm not sure, but I think that's not a config for splitbrain DNS.
Does somebody know how to get a real splitbrain on UCS?

Greetings
Christian Hase

The article is correct for one domain entry.
For multiple subdomain records, let's say record1.domain.ext and record2.domain.ext:
Create a forward lookup zone for domain.ext with the IP of your DNS server.
Under this forward lookup zone, create records for record1 (IP of record1), record2 (IP of record2) and so on.

rg
Christian

Hi :slight_smile:

Hm, please bear with me. I understood splitbrain DNS as a config for internal and external view of the same domain/fqdn/dns-record.

In my bind setup:

bind-config

# dns proxy in DMZ for Detection of DNS traffic from internet
acl internet {
        10.250.250.10/32;
};

# internal networks
acl intern {
        192.168.42.0/27;
        10.253.42.1/32;
        10.10.10.0/24;
        10.0.0.0/16;
        127.0.0.0/24;
        10.253.66.0/24;
        10.253.69.0/24;
};

# view-filter to detect dns requests from internet and use the external dns database
view "frominternet" {
  match-clients { internet; };
  zone "example.com" IN {
    type master;
    file "/etc/bind/dbs-extern/example.com.db";
  };
};


view "internal" {
  match-clients { intern; };
  zone "example.com" IN {
    type master;
    file "/etc/bind/dbs-intern/example.com.db";
  };
};


/etc/bind/dbs-extern/example.com.db

$ORIGIN example.com.
$TTL 6000 ; 100 minutes
@	IN SOA	ns1.example.com. hostmaster.example.com. (
				2024052501 ; serial - YYYYMMDD##
				1200             ; refresh
				600               ; retry (10 minutes)
				1209600       ; expire 
				600               ; minimum
				)
;
@	  NS	ns1.example.com.
ns1	  A    	123.123.123.123
sso   A     123.123.123.124

/etc/bind/dbs-intern/example.com.db

$ORIGIN example.com.
$TTL 6000 ; 100 minutes
@	IN SOA	ns1.example.com. hostmaster.example.com. (
				2024052501 ; serial - YYYYMMDD##
				1200             ; refresh
				600               ; retry (10 minutes)
				1209600       ; expire 
				600               ; minimum
				)
;
@	  NS	ns1.example.com.
ns1	  A    	10.1.2.3
sso   A     10.1.2.3

I also need to specify when the internal record and the external record for the example should be used. This is specified in

So what I’m missing in this KB:

  • internal IP of record
  • external IP of the same record
  • filter for when to use internal vs external record.

Could you point me in the direction which parts in this KB relate to the general example from me?

Thanks in advance

No no, SPLIT DNS means use of two DNS servers (one internal, one external - Internet Provider).
So on the internal one the record for record1.domain.ext is maybe 192.168.x.x and the entry at the provider maybe 139.10.x.x, so that your clients get the internal IP in your local LAN, and the external IP when they are outside your local LAN with a public DNS server like 1.1.1.1 or 8.8.8.8.

And for that reason you also have to publish IPs which are only external on your internal DNS server. Let's say you have a hosted web server at a hosting provider: you have to put the FQDN of this server in your local DNS server with the external IP too (www.domain.ext with 139.10.x.x for example), so internal clients are able to get the IP for the external resources.

rg
Christian
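Added example (not from the KB article or from either poster): a small Python check that parses zone files shaped like the two posted above and reports which names resolve differently in the internal and external views, and which external-only names (the hosted web server case just described) are absent from the internal zone. The zone text, including the www address, is constructed sample data.

```python
from typing import Dict

# Constructed sample zones modelled on the internal/external files in the thread.
# Addresses are placeholders, not real infrastructure.
EXTERNAL_ZONE = """\
$ORIGIN example.com.
$TTL 6000
@    IN SOA ns1.example.com. hostmaster.example.com. (
        2024052501 ; serial
        1200 600 1209600 600 )
@    NS  ns1.example.com.
ns1  A   123.123.123.123
sso  A   123.123.123.124
www  A   139.10.1.2
"""

INTERNAL_ZONE = """\
$ORIGIN example.com.
$TTL 6000
@    IN SOA ns1.example.com. hostmaster.example.com. (
        2024052501 ; serial
        1200 600 1209600 600 )
@    NS  ns1.example.com.
ns1  A   10.1.2.3
sso  A   10.1.2.3
"""

def parse_a_records(zone_text: str) -> Dict[str, str]:
    """Return {owner: ipv4} for the A records of a simple zone file."""
    records = {}
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].strip()       # drop comments
        if not line or line.startswith("$"):       # skip directives
            continue
        fields = line.split()
        # Accept "name [IN] A addr"; SOA, NS and continuation lines do not match
        if len(fields) >= 3 and fields[-2] == "A":
            records[fields[0]] = fields[-1]
    return records

def compare_views(internal: str, external: str) -> dict:
    """Diff the two views: split names, external-only names missing internally."""
    int_recs, ext_recs = parse_a_records(internal), parse_a_records(external)
    return {
        "split": {n: (int_recs[n], ext_recs[n]) for n in int_recs
                  if n in ext_recs and int_recs[n] != ext_recs[n]},
        "missing_internally": sorted(n for n in ext_recs if n not in int_recs),
        "internal_only": sorted(n for n in int_recs if n not in ext_recs),
    }
```

Names listed under missing_internally are the ones internal clients cannot resolve at all while the internal server is authoritative for the zone.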

aaaaah :grinning_face_with_smiling_eyes: now I get it.

Thanks @externa1
