Bind configuration for multiple sub-domains on multiple sites
Hi there, let me first describe our network layout. We have our main office network of 192.21.x.x with machines configured to live on domain.com--we then have international offices running as 192.41.x.x/ch.domain.com , 192.85.x.x/hkg.domain.com , 192.97.x.x/dbx.domain.com
Each site has it's own gateway running bind (as well as VPN links) being the master of it's own subdomain.
This works great on a per site basis, so for example the mail server in Switzerland may be called mail.ch.domain.com an internally on the Swiss site that will resolve to 220.127.116.11 -- great, and as far as internet based requests go, anything on ch.domain.com will resolve to the router IP of the Swiss site (where the router will direct traffic depending on type, source etc). So where is the issue? Lets say we have an internal web server on the main site, 18.104.22.168 / internal.domain.com -- if a user in the Swiss office types internal.domain.com in their web browser it trys to access that address via the internet rather than resolving it internally (therefore access is denied).
I suppose we could run all DNS from the main office but then takes away the resilience (e.g. if any one site falls over the other sites continue to run). The only interim solution I have found (and tested on one site it seems without problems) is to have the branch site running it's own subdomain as the master, and then to have domain.com and other subdomains of domain.com running as slaves. This works well on the one site where I ran a pilot, but I'm concerned that this may be seen as sloppy or have consequences of which I am not aware.
I'm hoping some DNS guru's can give their opinions. If possible I would like to avoid completely restructuring the companies DNS configuration as overall it works (and if it's not broken don't fix it!).
I hope that all made sense and look forward to some replys.