Zimbra Forums

Just curious, but I assume that a Split-DNS setup would still be required with the ZCA if it is run behind a firewall.
How would this be done with the appliance? Is it ok to access the OS to install bind and make the necessary configuration as you would do with the open source edition?
Also, are the changes made persistent across updates and is anything broken by accessing the OS?
Thanks

[quote user="yonatan"]Just curious, but I assume that a Split-DNS setup would still be required with the ZCA if it is run behind a firewall.[/QUOTE]Yes, that's correct.
[quote user="yonatan"]How would this be done with the appliance? Is it ok to access the OS to install bind and make the necessary configuration as you would do with the open source edition?[/QUOTE]You should install the DNS server on another machine in your LAN, it doesn't have to be on the Zimbra server.

[quote user="10330phoenix"]

You should install the DNS server on another machine in your LAN, it doesn't have to be on the Zimbra server.[/QUOTE]
Is this because the ZCA's OS cannot or should not be modified?

[quote user="yonatan"]Is this because the ZCA's OS cannot or should not be modified?[/QUOTE]You should leave the O/S as it is and not modify it but I always install my DNS server(s) on different machines than the Zimbra server.

[quote user="10330phoenix"]You should leave the O/S as it is and not modify it but I always install my DNS server(s) on different machines than the Zimbra server.[/QUOTE]
Ok thanks for explaining! I guess it makes sense to leave the appliance OS alone, as opposed to open source edition where many install bind on the same server.
Have you had a chance to use the appliance? What do you think if you compare to the open source version?

[quote user="yonatan"]Have you had a chance to use the appliance?[/QUOTE]No, I must admit that I haven't had a chance to test it yet.
[quote user="yonatan"]What do you think if you compare to the open source version?[/QUOTE]It's meant to be easy to deploy (being a VM appliance it should be) and it's also an NE version free for 10 users.

Is there any reason not to setup the DNS server on the appliance (accepting the fact that you might have to do it all again after any patches). Given this is for a

[quote user="fruitloaf"]Is there any reason not to setup the DNS server on the appliance (accepting the fact that you might have to do it all again after any patches). Given this is for a
I know that phoenix has recommended not installing bind on the appliance if a split-dns setup is required. Nonetheless, I would like to hear what Zimbra suggests doing and whether installing bind can adversely affect the appliance. Also, are the changes persistent across updates.
Thanks
P.S. Perhaps it would be beneficial to provide split-dns functionality from the start and during the deployment of the appliance let the user decide whether to enable it. I'm assuming that the majority of users require a split-dns setup, as it provides an added layer of security running it behind a firewall. Just an idea

If you break the seal and install additional software, you're on your own; you may or may not break things now or in the future.
If you're already in a virtualized environment, the incremental cost of putting together a separate, very small VM to handle DNS queries is pretty minimal.