Forwarders for one specific domain.

Kevin Darcy kcd at daimlerchrysler.com
Thu Jun 8 18:56:10 UTC 2000 

Do you really want to serve those domains recursively for *everyone*, or just
certain networks? It may make more sense to just restrict recursion by network
-- as I do on our firewalls -- rather than globally, or to combine
allow-recursion and allow-query statements to get what you want.


- Kevin

Luigi P. Bai wrote:

> Now to take this one step in a different direction: I want to have a domain
> server which answers queries for only a small number of domains, and to
> refuse to recursively answer any other queries. I did this with the
> "allow-recursion { none; };" directive. However, I now want to answer
> queries for some domains which I am not master/slave: I forward to those
> domains. In order to accomplish this, I have to put "allow-recursion { any;
> };" in the options field. I can _effectively_ terminate recursion by
> removing the zone "." hint zone, but that give me "nlookup error on ?"
> messages.
>
> Why can't I be able to do this:
>
> options {
>          allow-recursion { none; };
> };
>
> zone "ztf.com" {
>          type forward;
>          forwarders { typically_unreachable_host; };
>          forward only;
>          allow-recursion { any; };
> };
>
> Is this something worth hacking in?
>
> At 12:00 PM 6/8/00 , Cricket Liu wrote:
> --- Begin Original Message ---
> > > Our site cannot contact a dns server due to routing problems.
> > > Fixing the routing is not an option.  However, we would like
> > > to resolve the machines for that site.
> > >
> > > However, we have another DNS server available that is able to
> > > resolve that (external) domain.  Is it possible to set a kind
> > > of forwarders for this domain only?
> >
> >Sure.  You can use BIND 8.2+'s conditional forwarding
> >feature:
> >
> >zone "zone-to-forward.com" {
> >     type forward;
> >     forwarders { 10.0.0.1; };    // name server to forward to
> >     forward only;
> >};
> >
> >cricket
> >
> >Acme Byte & Wire
> >cricket at acmebw.com
> >www.acmebw.com
> >
> >Attend the next Internet Software Consortium/Acme Byte & Wire
> >DNS and BIND class!  See www.acmebw.com/training.htm for
> >the schedule and to register for upcoming classes.
> >
> --- End Original Message ---
> --SIG--------------------------------------------------------
> <A HREF="http://www.focalpoint.com/">Home Page</A>
> education is what's left after what is learned is forgotten.
>                                                -- b f skinner
> Luigi P. Bai                             Focal Point Software, Inc.
> lpb at focalpoint.com                 1225 N. Loop 610 W., Suite 214
> turning data into information      Houston, TX   77008-1757
>                                                (713) 215-1612

More information about the bind-users mailing list