Need help with a STRANGE configuration
Larry Mackley
mackleyl at my-deja.com
Wed Jan 12 15:00:26 UTC 2000
In article <387A5615.B4780E86 at daimlerchrysler.com>,
Kevin Darcy <kcd at daimlerchrysler.com> wrote:
> Barry Margolin wrote:
>
> > In article <slrn87k8fl.gan.lurker at angband.org>,
> > Chris A. Henesy <lurker at NO.SPAM.cc.gatech.edu> wrote:
> > >What I would like to do is set up BIND on my box so that it is a
cacheing
> > >nameserver that forwards requests for machines in mydomain.com,
> > >subdomain.mydomain.com, moresubdomains.mydomain.com, etc., to our
internal
> > >DNS server, and requests for all other domains to the ISP's DNS
server.
> > >(My machine itself will store no zonefiles)
> >
> > options {
> > forwarders { <ISP's DNS server address>; };
> > forward only;
> > };
> >
> > zone "mydomain.com" {
> > type forward;
> > forwarders { <internal DNS server address>; };
> > };
> >
> > The "type forward" zone was introduced in BIND 8.2.
>
> Note that if the internal server doesn't allow recursive queries,
zones of type
> "forward" aren't going to work. In that case, you'll *have* to store
some
> internal-zone information on your box, but only for the top-level
zone of each
> internal domain. You can define these as either
>
> zone "mydomain.com" {
> type stub;
> file "<some file>";
> forwarders {};
> masters { <internal DNS server address>; };
> };
>
> -or-
>
> zone "mydomain.com" {
> type slave;
> file "<some file>";
> forwarders {};
> masters { <internal DNS server address>; };
> };
>
> The reason for specifying "forwarders {}" is to inhibit forwarding
for names in
> subzones (according to the documentation, I think you need 8.2.2 or
later in order
> to specify this for non-forward zones). The "zonefiles" for stub
zones are quite
> tiny, since they just contain NS information, not the whole zone.
Slave zones
> consume more resources due to zone transfers and higher disk storage
requirements,
> but generally provide better query performance and redundancy, since
everything is
> kept locally. Of course, you won't be able to use a slave zone unless
the master
> allows you to do zone transfers.
>
> With my {ahem!} unofficial patch, you could even use a hints file
with your
> default forwarder! But in that case, you'd still have to define all
of the
> top-level zones as "forwarders {}" in order to inhibit default
forwarding and thus
> enable the use of the internal root(s) for those domains.
>
> - Kevin
>
>
Would this also work if someone wanted to implement their own top level
domain internally (ie .internal in place of .com)?
zone ".internal" {
type slave;
file "<some file>";
forwarders {};
masters { <internal DNS server address>; };
zone "subsidiary.internal" {
type slave;
file "<some file>";
forwarders {};
masters { <another internal DNS server address>; };
Larry
Sent via Deja.com http://www.deja.com/
Before you buy.
More information about the bind-users
mailing list