The dev.freshports.org website is hosted on a server in my basement. For you, that hostname resolves to a publicly available IP address. For me, it resolves to an RFC 1918 address:
$ host dev.freshports.org
dev.freshports.org has address 10.55.0.24
Sometimes this is referred to as split DNS (also known as split-horizon DNS, split-view DNS, split-brain DNS, or a fricking stupid thing to do).
How?
I have a DNS zone file at home for that single host. I have similar zone files for other hosts. This allows me to selectively override the public DNS. I do this for about 19 different hosts at home.
Why?
I could browse to the internal host (dev-nginx01.int.freshports.org) and everything works as expected. The problem arises when I copy/paste the URL for a blog post or to show someone on IRC how something is working at home. I want to use the same URL whether I am at home or away. I want the same URL to work for me and for those helping me work on FreshPorts.
I think most split-dns approaches would maintain two zone files for freshports.org, one public and one private. I didn’t want to do that. I didn’t want to make changes in two places for the same update.
Instead, I took the approach of creating a zone file for a single host.
In this post:
- FreeBSD 12.1
- bind 9.16.6
- pfSense 2.4.5-RELEASE-p1
The zone file
On my primary DNS server, in the named.conf file, I have this entry:
include "zones/zones.primary";
You don’t need to do it this way. I just like having one file which lists all the zones I include.
In that file, I have entries such as this:
zone "dev.freshports.org" {
    type master;
    file "zones/dev.freshports.org.db";
    allow-transfer { AllowZoneTransfer; };
    allow-query { any; };
    notify yes;
};
In turn, zones/dev.freshports.org.db contains this:
$ORIGIN .
$TTL 60 ; 1 minute
dev.freshports.org IN SOA slocum.int.example.org. soa.example.com. (
                2017111100 ; serial
                10800      ; refresh (3 hours)
                1800       ; retry (30 minutes)
                2592000    ; expire (4 weeks 2 days)
                86400      ; minimum (1 day)
                )
        NS slocum.int.example.org.
        NS toiler.int.example.org.
$ORIGIN dev.freshports.org.
dev.freshports.org. IN A 10.55.0.24
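An added check, not part of the original post: because the server is authoritative for dev.freshports.org, internal clients see only the records in this override zone, so any other record types the public zone publishes for that name disappear at home. The sketch below parses the zone above and compares it with a constructed public record set; `parse_zone`, `audit`, `PUBLIC` and the public addresses (documentation ranges) are assumptions for illustration.

```python
import ipaddress

# Override zone from the post (SOA timers folded onto one line).
ZONE = """\
$ORIGIN .
$TTL 60 ; 1 minute
dev.freshports.org IN SOA slocum.int.example.org. soa.example.com. (
        2017111100 10800 1800 2592000 86400 ; serial refresh retry expire minimum
        )
        NS slocum.int.example.org.
        NS toiler.int.example.org.
$ORIGIN dev.freshports.org.
dev.freshports.org. IN A 10.55.0.24
"""
# Constructed public view of the same name (assumption; documentation addresses).
PUBLIC = {"A": ["203.0.113.10"], "AAAA": ["2001:db8::10"], "TXT": ['"constructed"']}
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_zone(text):
    """Minimal master-file parser: comments, ( ) continuation, $ORIGIN, blank owners."""
    records, origin, owner, buf = [], ".", None, ""
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()           # strip comments
        if not line.strip():
            continue
        buf = f"{buf} {line.strip()}" if buf else line
        if buf.count("(") > buf.count(")"):            # record continues on next line
            continue
        entry, buf = buf.replace("(", " ").replace(")", " "), ""
        tok = entry.split()
        if tok[0].startswith("$"):
            origin = tok[1] if tok[0] == "$ORIGIN" else origin
            continue
        if not entry[0].isspace():                     # leading blank inherits the owner
            name = tok.pop(0)
            owner = name if name.endswith(".") else f"{name}.{origin.lstrip('.')}"
        while tok[0].isdigit() or tok[0] == "IN":      # skip TTL and class
            tok.pop(0)
        records.append((owner.lower(), tok[0], " ".join(tok[1:])))
    return records

def audit(zone_text, name, public):
    """Compare the internal override for `name` with the public record set."""
    rrs = [(t, d) for o, t, d in parse_zone(zone_text) if o == name.lower()]
    a_recs = [d for t, d in rrs if t == "A"]
    def rfc1918(addr):
        return any(ipaddress.ip_address(addr) in net for net in RFC1918)
    return {"internal_is_rfc1918": bool(a_recs) and all(map(rfc1918, a_recs)),
            "public_leaks_rfc1918": [a for a in public.get("A", []) if rfc1918(a)],
            "shadowed_types": sorted(set(public) - {t for t, _ in rrs})}
```

Each entry in `shadowed_types` is a record type that would have to be duplicated into the override zone to stay visible internally.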
That should get you started down this dodgy path.