DNS and forward

Y. W. Ko ywko at mindspring.com
Fri Aug 20 01:41:26 UTC 1999


Hi Michael,

SERVER A)    This is the named.conf on the m/c that has external access
which I plan to use to resolve names that are outside my.domain (BTW, this
is typed in from memory, forgive any obvious syntax/typing error):

options {
    directory "/var/named";
};

zone "." {
    type hint;
    file "named.ca";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.local";
};


SERVER B) This is the named.conf on m/c on the inside from which I plan to
forward requests for names OUTSIDE my.domain to the above m/c to resolve:

options {
    directory "/var/named";
    forward first;
    forwarders {
        xx.yy.zz.aa;  // Server A ip address
    } ;
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.local";
};

zone "xx.yy.zz.in-addr.arpa" {
        notify no;
        type master;
        file "named.rev";
};

zone "my.domain" {
        notify no;
        type master;
        file "named.data";
};


The configuration on SERVER A works fine - it can resolve names in the
outside world without any problem. As for SERVER B, it has no problem
resolving names within my.domain. However, it cannot
resolve any name outside my.domain.

Forgive me if I've completely misunderstood how forward works. The sad thing
is if I add this in named.conf on SERVER A

zone "my.domain" {
    type forward;
    forwarders {
        xx.yy.zz.bb;  // Server B ip address
    };
} ;

etc... plus other obvious changes, SERVER A does forward requests to SERVER
B to resolve names inside my.domain. However, this is NOT how I want it to
work :-(

Any pointer would be much much appreciated.

Thanks,

        Ko


Michael Voight <mvoight at cisco.com> wrote in message
news:37BC9D36.5D9A7E7A at cisco.com...
>
>
> "Y. W. Ko" wrote:
> >
> > Hi:
> >     I have exactly the same problem and been pulling my hair out last couple
> > of days - I still haven't found out why. BTW, I'm using bind-8.2 on Linux
> > 6.0, and my DNS configuration is almost identical to yours.
> >
> >     A little bit more info. which might be useful... I tried running
> > with -d, the named.run file seems to indicate that
> >
> > 1) when I try to look up something outside the domain, say www.aol.com, it
> > somehow mangles it and tries to look up www.aol.com.my.domain instead.
>
> The first thing nslookup will do is append your domain name if there
> is no ending dot. After it fails to find the host after appending the
> domain, it will try again with it removed.
>
> The resolver will generally only append the domain name if there are no
> dots. So, a ping to hostname.domain will NOT append the name.
>
>
> This is normal
>
> >
> > 2) No attempt is made to do a forward.
>
> It would do this if it thought you were authority.
> Or, if it thought you were root.
>
> You didn't post your config here, so it is not possible to tell if your
> problem is the same one as his.
>
> Did you configure a hints zone referencing a root hints file?
>
> Michael
>
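
The reply's two reasons for a query not being forwarded (the server believes it is authoritative, or believes it is root) can be checked against a config before reaching for -d. The sketch below is an added example, not part of the original posts and not BIND's own logic; `load` and `disposition` are hypothetical helpers that model only master/slave zones, global forwarders and the hint zone, and the parser reports an unterminated statement instead of guessing.

```python
import re

# Server B's named.conf from the post, condensed (loopback zone omitted; IPs are the post's placeholders).
SERVER_B = '''
options { directory "/var/named"; forward first; forwarders { xx.yy.zz.aa; }; };
zone "xx.yy.zz.in-addr.arpa" { notify no; type master; file "named.rev"; };
zone "my.domain" { notify no; type master; file "named.data"; };
'''

def _block(tok, i):
    """Parse 'words [{ block }] ;' statements; return them and the index past the closing '}'."""
    stmts = []
    while i < len(tok) and tok[i] != '}':
        words, body = [], None
        while i < len(tok) and tok[i] not in ('{', ';', '}'):
            words.append(tok[i].strip('"')); i += 1
        if i < len(tok) and tok[i] == '{':
            body, i = _block(tok, i + 1)
        if i >= len(tok) or tok[i] != ';':      # statement or block not terminated
            raise ValueError("missing ';' after: " + ' '.join(words))
        stmts.append((words, body)); i += 1
    return stmts, i + 1

def load(text):
    """Return (options, zones) for a small named.conf subset; comments are stripped first."""
    text = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', text, flags=re.S)
    stmts, _ = _block(re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', text), 0)
    opts, zones = {}, {}
    for words, body in stmts:
        if words[0] == 'options':
            for w, b in body:
                opts[w[0]] = w[1] if b is None else [s[0][0] for s in b]
        elif words[0] == 'zone':
            zones[words[1].lower().rstrip('.') or '.'] = {w[0]: w[1] for w, b in body if b is None}
    return opts, zones

def disposition(opts, zones, qname):
    """Simplified model of the reply's two cases: authoritative, or root, means no forwarding."""
    labels = qname.lower().rstrip('.').split('.')
    for i in range(len(labels) + 1):            # longest suffix first, the root zone last
        suffix = '.'.join(labels[i:]) or '.'
        if zones.get(suffix, {}).get('type') in ('master', 'slave'):
            return 'local: authoritative for ' + suffix
    if opts.get('forwarders'):
        return 'forward %s to %s' % (opts.get('forward', 'first'), ','.join(opts['forwarders']))
    return 'iterate from hints' if zones.get('.', {}).get('type') == 'hint' else 'no forwarders, no hints'

if __name__ == '__main__':
    for q in ('www.aol.com', 'host.my.domain'):
        print(q, '->', disposition(*load(SERVER_B), q))
```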



