I'm not as proficient at configuring DNS as I would like. What are some common DNS design schemes?
EDIT: Gah, it's hard to explain what I mean! I'm interested in learning how to classify/configure various styles of networks (e.g.: is there a term for networks that have intranet records they don't transfer vs networks that keep entirely public records... is there a term for a network that uses dynamic DNS... is there a term for networks that use load-balancing...)?
One of the more common 'types' is 'Split-Horizon', or simply 'split' DNS.
This is where the DNS server gives different results depending on where the query is coming from. It is more commonly used in an organization where people are widely distributed ('local' hosts, WAN hosts, or Internet hosts), all of which may benefit from being redirected to different copies of the same server, or the same server but some are given the internal address and some are given the external (usually NATted) address.
Unlisted primary (aka shadow primary, unlisted/shadow master) is a configuration often found in strictly secured intranets. In short, this is a primary server which has no NS record in the parent domain. In other words, a primary server without delegation. The delegation is supposed to point to one or more slave servers instead.
Scenario: Your ACME company has an intranet and the main DNS server, used by most clients. It hosts the "intranet.acme.com" zone. Now, you are setting up a strictly secured subnet, with a separate DNS server and the domain "finances.intranet.acme.com".
Solution: Don't specify your server as NS for "finances.intranet.acme.com". Instead specify some other server as NS, as long as you can convince the admin to host "finances.intranet.acme.com" as a slave. (The organization's main DNS server, which would delegate the subdomain to you, surprisingly happens to be a good choice for such a slave.) Your precious local server will now be practically invisible in the DNS hierarchy. It will only provide zone transfers to the slave and (optionally) answer queries from a set of clients of your choice.
NB: it is up to you which server you specify in the SOA record. It may be your "unlisted" server, as the SOA record is not used to traverse the DNS hierarchy.
Similarly, you can also create an unlisted slave server: a slave server for a domain that is not listed in the domain's NS records. Again, this server will only receive traffic from clients which know the IP address, as its address cannot be obtained from any other DNS server. It will answer queries as any other slave: authoritatively and quickly (i.e. using only a local disk file).
Another scheme, which is somewhat incompatible with the above "unlisted server" concept, but it's worth knowing. The author of dnscache and tinydns recommends that DNS servers should be strictly divided into two types:
From the security standpoint, a DNS cache is always very vulnerable to poisoning (bogus DNS records) and other types of attack, because it naturally has to connect to many untrusted DNS servers over the Internet. So the authoritative answers should be served by different software, as you really really want to make sure that your DNS server does not spread bogus, authoritative data about your domain to the whole Internet.
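A check for the unlisted-primary setup described in this answer, added here as an example and not part of the original answer: it reads a zone file and reports whether any NS record points at a name that resolves to the primary's address, and separately whether the SOA MNAME names the primary (which the NB above allows). The zone contents, the host names `hidden` and `ns1.intranet.acme.com.`, the addresses, and the simplified one-record-per-line format (owner, TTL, class, type, rdata all present) are assumptions.

```python
import ipaddress

# Constructed zone data for the page's scenario; names and addresses are
# illustrative (192.0.2.0/24 is a documentation range).
ZONE = """\
$ORIGIN finances.intranet.acme.com.
@        3600 IN SOA hidden.finances.intranet.acme.com. hostmaster.acme.com. 1 3600 600 604800 300
@        3600 IN NS  ns1.intranet.acme.com.
hidden   3600 IN A   192.0.2.10
www      3600 IN A   192.0.2.20
"""

def fqdn(name, origin):
    """Expand '@' and relative owner/target names against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def audit_unlisted_primary(zone_text, primary_ip):
    """Report whether the primary is reachable through the zone's NS set."""
    origin, ns_targets, addrs, mname = None, [], {}, None
    primary = ipaddress.ip_address(primary_ip)
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].split()   # drop comments, tokenize
        if not line:
            continue
        if line[0] == "$ORIGIN":
            origin = line[1]
            continue
        # Assumed layout: owner TTL class type rdata...
        owner, rtype, rdata = fqdn(line[0], origin), line[3], line[4:]
        if rtype == "NS":
            ns_targets.append(fqdn(rdata[0], origin))
        elif rtype in ("A", "AAAA"):
            addrs.setdefault(owner, set()).add(ipaddress.ip_address(rdata[0]))
        elif rtype == "SOA":
            mname = fqdn(rdata[0], origin)
    # Names that resolve, within this zone, to the primary's address.
    primary_names = {n for n, ips in addrs.items() if primary in ips}
    leaks = sorted(t for t in ns_targets if t in primary_names)
    return {
        "ns": sorted(ns_targets),
        "listed": bool(leaks),        # True means the primary is not unlisted
        "leaks": leaks,
        "soa_mname_is_primary": mname in primary_names,  # allowed per the NB
    }
```

A result with `listed` set to true means the server can be found by walking the NS records, so it is no longer an unlisted primary.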
Most probably you'll see:
There can also be other cases, e.g. a DNS forwarder that just forwards incoming DNS queries to other name servers.
Dyndns is a specific service that is linked with an update program running on your machine or router. Probably you'll be a customer rather than the operator of it. The dyndns client checks if your machine changed address [e.g. due to reconnection to the ADSL operator] and if so sends an update to the dyndns operator telling it myhost.somedyndnsoperatorname.net should now point to the new IP - 123.123.123.321.
You can take a look at Wikipedia for more info or describe your case in detail to get a more precise answer.
See my answer to a similar question where I define: