I'm considering migrating a bunch of individual OpenStack instances, with their own IPs, into a private cloud network, with DHCP to address individual servers. One current problem I'm trying to solve is that a system failure may require the complete reprovisioning of an instance, which will change the IP address, requiring a lot of manual DNS changes with my provider. I want to transition to a less hard-coded environment, using Ansible to define my servers, and using DHCP to failover much more elegantly to a new instance if required. With recent experimenting with the ISPConfig REST API, I feel confident that I can script rapid recovery of any FQDN from one IP to another. Is that a common scenario for ISPConfig DNS? I am assuming that I'll need a ns1.mydomain.tld and ns2.mydomain.tld as authoritative nameservers, each with their own unique IP. The ns2 would be a mirror of ns1 which is running ISPConfig. I'm also thinking that I could use one of my provider's nameservers, like ns3 to serve as a third authoritative server in case my servers fail. What I'm not understanding is, if my private network has a domain hosted at DHCP 10.0.0.1, and my primary ns1 ISPConfig DNS goes down, how would the ns3 provider DNS route to one of my 10.* servers anyway? Similarly, if I do have a mirror ISPConfig DNS in another instance, and my primary "ns1" fails, how would my secondary "ns2" route into my private network to reach my 10.0.0.1? The only way an external ns can route to one of my private network servers is if they are externally network-addressable. How does that work? I hope this is clear. Should I graph this out? Should I restate this more concisely? Thanks!