Does global forwarding take precedence over selective forwarding?
Kevin Darcy
kcd at daimlerchrysler.com
Fri Sep 1 01:54:30 UTC 2000
I have no idea why the selective forwarding didn't work for you. I just tried the
same kind of configuration -- global forwarding and per-domain forwarding (to our
MVS WLM/SYSPLEX no less!!) -- and it worked just fine, i.e. the query was
forwarded to the WLM as expected.
You could of course try the iterative alternative: define the zone as "type
stub", and specify "forwarders { }" to cancel the global forwarding for that
branch of the namespace. Then it should query the WLM iteratively.
- Kevin
Treptow, Craig wrote:
> Hi. This is BIND 8.2.2-p5 on AIX 4.3. This is an internal DNS server that
> forwards requests to two firewalls and onto the Internet for things it's not
> authoritative for. This works fine. To this we wanted to add
> prodplex.principal.com on the internal side and have that serverd by another
> DNS server. Delegating this child domain won't work, because the forwarding
> takes precedence over the delegation...or so I've learned from this list.
>
> So I've been trying in vain to get selective forwarding to work for this child
> domain. By everything I've read what I've shown below should work.
>
> When I go "ndc trace", I don't get a named.run.
>
> So is the forwarding to our firewalls somehow stopping the selective
> forwarding? If not, does anybody have some other tips to help me debug this?
>
> Here are my dig sessions followed by snippets of my named.conf:
>
> nameserver1.principal.com # dig @162.131.250.150 wlmftp.prodplex.principal.com
> <
>
> ; <<>> DiG 8.2 <<>> @162.131.250.150 wlmftp.prodplex.principal.com
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;; wlmftp.prodplex.principal.com, type = A, class = IN
>
> ;; ANSWER SECTION:
> wlmftp.prodplex.principal.com. 1S IN A 162.131.250.150
>
> ;; AUTHORITY SECTION:
> prodplex.principal.com. 1D IN NS mvst.prodplex.principal.com.
> prodplex.principal.com. 1D IN NS mvse.prodplex.principal.com.
>
> ;; ADDITIONAL SECTION:
> mvst.prodplex.principal.com. 1D IN A 162.131.250.150
> mvse.prodplex.principal.com. 1D IN A 162.131.250.105
>
> ;; Total query time: 22 msec
> ;; FROM: nameserver1.principal.com to SERVER: 162.131.250.150
> ;; WHEN: Thu Aug 31 19:54:27 2000
> ;; MSG SIZE sent: 47 rcvd: 155
>
> nameserver1.principal.com # dig wlmftp.prodplex.principal.com
>
> ; <<>> DiG 8.2 <<>> wlmftp.prodplex.principal.com
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;; wlmftp.prodplex.principal.com, type = A, class = IN
>
> ;; AUTHORITY SECTION:
> principal.com. 6H IN SOA nameserver1.principal.com.
> kratochvil.k(
> 2000083102 ; serial
> 3H ; refresh
> 1H ; retry
> 1W ; expiry
> 6H ) ; minimum
>
> ;; Total query time: 5 msec
> ;; FROM: nameserver1.principal.com to SERVER: default -- 0.0.0.0
> ;; WHEN: Thu Aug 31 19:55:41 2000
> ;; MSG SIZE sent: 47 rcvd: 125
>
> options {
> directory "/usr/local/named";
> pid-file "/etc/named.pid";
> named-xfer "/usr/local/bin/bind/named-xfer";
> notify yes;
> check-names master ignore; /* default. */
> check-names slave ignore;
> listen-on port 53 { any; };
> forward only;
> forwarders {204.167.169.129;204.167.169.131;};
> allow-query { any; };
> allow-transfer { dns-secondary-servers; };
> transfer-format many-answers;
> };
> ...
> zone "prodplex.principal.com" {
> type forward;
> forward only;
> forwarders {162.131.250.150; 162.131.250.105;};
> };
>
> zone "principal.com" IN {
> type master;
> file "db.principal.com";
> allow-update { none; };
> allow-transfer { dns-secondary-servers; unix-servers; };
> };
>
> Thanks!
>
> Craig Treptow
> Principal Financial Group
> I/S Network Administration
> (515) 247-6207
More information about the bind-users
mailing list