In article <VA.00001cd4.12d03a57@nscsysops.net>, Brad Doster wrote:
> Maybe if you reiterate what you've done re: glue records, we can

still
> come up with a solution you like.
>

Companydomain.com is the public face with DNS hosted by one ISP
We wish to have multiple private child domains, one per major site
(4 coming on-line now, a 5th
sometime this summer, more mergers expected).
Not all sites have the same ISP due to geographic locations
We don't want to put the private Child DNS servers into the public
parent zone as a security
measure.
All NW servers running DNS resolve to themselves(backup to their
neighbour then to another at
another site), just need to reboot the two in Tor (they are fully in
production so not as easy to
reboot as the other sites)

This is how I am entering the glue to the tor child into the other
children zones and vice
versa (as per TID 10016522)
A torpq1 tor.companydomain.com 10.13.42.50
A torbk1 tor.companydomain.com 10.13.42.60
NS tor companydomain.com torpq1.tor.companydomain.com
NS tor companydomain.com torbk1.tor.companydomain.com


and this is what they look like after being entered and exported
in/from the van child
$ORIGIN van.companydomain.com.
@ IN SOA vanfs1.van.companydomain.com.
headgeek@companydomain.com. (
2003031808 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400 ) ; Minimum

$ORIGIN companydomain.com.
van IN NS vanfs1.van.companydomain.com.
IN NS vanbk1.van.companydomain.com.

$ORIGIN 42.113.10.IN-ADDR.ARPA.
10 IN PTR vanfs1.van.companydomain.com.
30 IN PTR vanbk1.van.companydomain.com.

$ORIGIN van.companydomain.com.
Vanbk1 IN A 10.113.42.30
vanfs1 IN A 10.113.42.10
vanfs2 IN A 10.113.42.20

$ORIGIN tor.companydomain.com.
Torbk1 IN A 10.13.42.60
torpq1 IN A 10.13.42.50

$ORIGIN companydomain.com.
tor IN NS torpq1.tor.companydomain.com.
IN NS torbk1.tor.companydomain.com.


Hopefully I got all the relevant details for this.

Andy Konecny
Ainsworth Inc. in Toronto
[sometimes being certifiable is more fun than being certified :]