forwarders

Johnny Fribert Lauridsen jlaurids at cisco.com
Fri Mar 31 21:10:32 UTC 2000


Wow, you seem really sure about this Joe.  Big 'NO', big 'AUTHORITY', etc.
Some implementations do actually support DNS Exceptions, so that this problem can be handled, selectively.
I actually tried one, hands-on and all.
May not be strictly RFC, but I think you will see that the market will demand more functionality in DNS than
currently is RFCed.  Does multimaster dns also spring to mind?  
I do not think that anyone should be too RFC-tight these days with Win2000 rolling out.  Things will happen in the
DNS arena, whether or not ietf follows (they probably will, because the market-place needs them to - If they do not,
well, I hate thinking that thought to the end).
my 2 cents,
Johnny

At 15:49 31/03/2000 -0500, Joseph S D Yao wrote:
>On Fri, Mar 31, 2000 at 01:27:03PM -0600, Jay C Austad wrote:
> > Is there a way to set up our internal dns server (that thinks it's authoritative for foo.com), query another nameserver for the address if it doesn't have it?
> > 
> > Say a user requests www.foo.com, which doesn't have an internal ip, so it's not in the internal dns, can the DNS server go look somewhere else (i.e. the external DNS server)  for it and return it to the user?
>
>NO.
>
>Sorry, this has been asked so many times ...
>
>An authoritative server is just that.  Authoritative.  It is the
>authority, THE authority, the AUTHORITY, the server that knows
>EVERYTHING there is to know about the domain.  There is no such thing
>as a fractional authority.  It is ALL or NOTHING.
>
>The logical extension of this is that, once you have asked the
>Authoritative Server about the name, there is no need to ask anybody
>else.  The Authoritative Server knows all, tells all.  If it doesn't
>know, then there is nothing to know.  It is Authoritative.
>
>The alternative would be to have a domain with, say, thirteen servers,
>any three of which may be out of commission at any given time, wait to
>query ALL of them for ANY hint of ANY possible information about a
>name.  Sort of like, Mommy said no, let's wait for Daddy to get up and
>then we'll ask him, and if we don't like the answer, we'll peddle over
>to Grandpa's house and wait for HIM to get up and ask him.  There isn't
>enough time in the world to do it this way.  ;-)
>
>Your alternatives, in your case:
>
>(1) make sure that the internal name server replicates all information
>from the external name server.  This has to be done manually, or with
>something that you write, so as not to lose internal DNS information.
>This may be a pain, if you have large groups of hosts both places.
>(2) make inside and outside two separate domains, possibly one being a
>subdomain of the other.
>
>-- 
>Joe Yao                         jsdy at cospo.osis.gov - Joseph S. D. Yao
>COSPO/OSIS Computer Support                                     EMT-B
>-----------------------------------------------------------------------
>This message is not an official statement of COSPO policies.




More information about the bind-users mailing list