Forwarding from Internal DNS server.

Jim Reid jim at rfc1035.com
Thu Feb 3 22:05:45 UTC 2000


>>>>> ">" == union  <union at icon.co.za> writes:

    >> With my original forwarding question, would it help if I
    >> upgrade my version of bind to 8.x.x and create a "view" to
    >> forward on NXDOMAIN to my ISP's DNS, from my internal root
    >> server???

In a word, no. Firstly, BIND8 doesn't have views. This is planned for
BIND9. Secondly, I doubt views will provide that functionality. IIUC,
they are meant to provide different sets of IP addresses with
different sets of resource records for some zone: i.e. different "views"
of the zone. So with views, one name server could conceivably do split
DNS for the same zone. Thirdly, a reply of NXDOMAIN usually means it's
"game over" for the lookup: the name doesn't exist. Resolvers which
use the search directive use NXDOMAIN answers to try the next domain
name in the list, but this is not the same thing. One query is done
for each of the domains that are tried. Fourthly, root servers don't
forward. The root zone encompasses everything else in the name space,
so where could such a name server forward queries?

Usually people set up internal roots to expressly prevent the internet
name space from being visible in their nets. So if you want to resolve
internet names internally, you probably have to get rid of the
internal root zone. Maybe when BIND9 comes out you might be able to
set up a view of the root zone but I don't see the point. Either you
have a root zone and isolate your name space from the Internet or you
don't. Trying to make your name servers achieve something in between
will be like trying to be only partly pregnant.
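
The following is an added illustration, not part of the original message or of BIND: a toy Python model of the two behaviours described above, a resolver search list issuing one query per candidate name, and an internal root answering NXDOMAIN with finality. The zone data, the names and the helpers (InternalRoot, candidates, resolve) are constructed for the example, and the candidate ordering is a simplified model of the classic stub-resolver search/ndots behaviour.

```python
# Added illustration: toy model with constructed data, no network access.
NXDOMAIN, NOERROR = "NXDOMAIN", "NOERROR"

# Constructed internal name space served by a hypothetical internal root.
INTERNAL_ZONE = {
    "intranet.corp.example.": "10.0.0.10",
    "mail.corp.example.": "10.0.0.25",
}

class InternalRoot:
    """Authoritative for ".": a name either exists here or does not exist."""
    def __init__(self, records):
        self.records = records
        self.log = []  # every query received, in order

    def query(self, fqdn):
        self.log.append(fqdn)
        if fqdn in self.records:
            return NOERROR, self.records[fqdn]
        # The root zone covers the whole name space, so there is nowhere
        # to forward to: the negative answer is authoritative and final.
        return NXDOMAIN, None

def candidates(name, search, ndots=1):
    """Names a stub resolver tries, in order (simplified search/ndots model)."""
    if name.endswith("."):
        return [name]  # already fully qualified: search list not used
    as_is = name + "."
    searched = [f"{name}.{d.rstrip('.')}." for d in search]
    if name.count(".") >= ndots:
        return [as_is] + searched
    return searched + [as_is]

def resolve(name, server, search, ndots=1):
    """One separate query per candidate; NXDOMAIN only moves to the next one."""
    for fqdn in candidates(name, search, ndots):
        rcode, addr = server.query(fqdn)
        if rcode == NOERROR:
            return fqdn, addr
    return None, None

if __name__ == "__main__":
    root = InternalRoot(INTERNAL_ZONE)
    search = ["lab.corp.example", "corp.example"]
    print(resolve("mail", root, search))             # found on second candidate
    print(resolve("www.example.org", root, search))  # Internet name: not visible
    print(root.log)                                  # one entry per query sent
```

The log shows that the search list never turns an NXDOMAIN into a forwarded query: each candidate is a fresh lookup against the same internal root, and an Internet name fails on every one of them.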


