Need help with a STRANGE configuration

Larry Mackley mackleyl at my-deja.com
Wed Jan 12 15:00:26 UTC 2000


In article <387A5615.B4780E86 at daimlerchrysler.com>,
  Kevin Darcy <kcd at daimlerchrysler.com> wrote:
> Barry Margolin wrote:
>
> > In article <slrn87k8fl.gan.lurker at angband.org>,
> > Chris A. Henesy <lurker at NO.SPAM.cc.gatech.edu> wrote:
> > >What I would like to do is set up BIND on my box so that it is a
cacheing
> > >nameserver that forwards requests for machines in mydomain.com,
> > >subdomain.mydomain.com, moresubdomains.mydomain.com, etc., to our
internal
> > >DNS server, and requests for all other domains to the ISP's DNS
server.
> > >(My machine itself will store no zonefiles)
> >
> > options {
> >   forwarders { <ISP's DNS server address>; };
> >   forward only;
> > };
> >
> > zone "mydomain.com" {
> >   type forward;
> >   forwarders { <internal DNS server address>; };
> > };
> >
> > The "type forward" zone was introduced in BIND 8.2.
>
> Note that if the internal server doesn't allow recursive queries,
zones of type
> "forward" aren't going to work. In that case, you'll *have* to store
some
> internal-zone information on your box, but only for the top-level
zone of each
> internal domain. You can define these as either
>
> zone "mydomain.com" {
>     type stub;
>     file "<some file>";
>     forwarders {};
>     masters { <internal DNS server address>; };
> };
>
>     -or-
>
> zone "mydomain.com" {
>     type slave;
>     file "<some file>";
>     forwarders {};
>     masters { <internal DNS server address>; };
> };
>
> The reason for specifying "forwarders {}" is to inhibit forwarding
for names in
> subzones (according to the documentation, I think you need 8.2.2 or
later in order
> to specify this for non-forward zones). The "zonefiles" for stub
zones are quite
> tiny, since they just contain NS information, not the whole zone.
Slave zones
> consume more resources due to zone transfers and higher disk storage
requirements,
> but generally provide better query performance and redundancy, since
everything is
> kept locally. Of course, you won't be able to use a slave zone unless
the master
> allows you to do zone transfers.
>
> With my {ahem!} unofficial patch, you could even use a hints file
with your
> default forwarder! But in that case, you'd still have to define all
of the
> top-level zones as "forwarders {}" in order to inhibit default
forwarding and thus
> enable the use of the internal root(s) for those domains.
>
> - Kevin
>
>
Would this also work if someone wanted to implement their own top level
domain internally (ie .internal in place of .com)?

zone ".internal" {
    type slave;
    file "<some file>";
    forwarders {};
    masters { <internal DNS server address>; };

zone "subsidiary.internal" {
    type slave;
    file "<some file>";
    forwarders {};
    masters { <another internal DNS server address>; };

Larry


Sent via Deja.com http://www.deja.com/
Before you buy.



More information about the bind-users mailing list