Delegation in BIND 8

Kevin Darcy kcd at daimlerchrysler.com
Wed Sep 20 23:11:04 UTC 2000 

BIND 8.1.x doesn't understand zones of type "forward". Either upgrade, or use
some other methodology, like slave or stub zones.


- Kevin

Loucks, Guy wrote:

> People,
>
> Further to my previous note the other week, we are still having some
> peculiar errors with BIND 8. It appears that it simply will not delegate.
> There has to be something simple missing.
>
> Servers 153.107.41.18 and 146 are our external DNS servers. With a subset of
> externally visible DNS information.
>
> Our internal servers consolidate up to our "primary", we have geographic
> secondary servers located throughout the state.
>
> We are in the process of looking at the Windows 2000 product, to do that we
> need to isolate a DNS area for them to keep information the business simply
> does not require out of our core servers.
>
> To do this we have set up a phantom root:
>
> DET.LAB
>
> And we are trying to delegate this to the W2k AD servers. When we query the
> W2k boxes, they appear happy. However we can not get the main DNS server to
> talk with it:
>
> Sep 20 15:45:27 erg named[502]: /etc/namedb/named.conf:4963: syntax error
> near forward
> Sep 20 15:45:27 erg named[502]: no type specified for zone 'det.lab'
> Sep 20 15:45:27 erg named[502]: zone 'det.lab' did not validate, skipping
> Sep 20 15:45:27 erg named[502]: /etc/namedb/named.conf:4973: syntax error
> near '}'
>
> The second line above seems to be the key. The named.conf extract is below.
> We have tired it with and without forward only. We have tried removing all
> forwarders and setting up phantom entries in named.ca for our external DNS
> servers, to no avail.
>
> Your thoughts would be most appreciated. Please email me directly and I will
> summarise again.
>
> options {
>         directory "/etc/namedb/ns_db";
> //      forward only;
>         forwarders {
>                 153.107.41.18;
>                 153.107.41.146;
>                 153.107.41.18;
>                 153.107.41.146;
>                 153.107.41.18;
>                 153.107.41.146;
>         };
>         multiple-cnames yes;
>         version "Surely you must be joking!";
>         /*
>          * If there is a firewall between you and nameservers you want
>          * to talk to, you might need to uncomment the query-source
>          * directive below.  Previous versions of BIND always asked
>          * questions using port 53, but BIND 8.1 uses an unprivileged
>          * port by default.
>          */
>         // query-source address * port 53;
> };
>
> //
> // named.boot file for NSW DET DNS services.
> //
>
> <SNIP>
>
> zone "det.lab" {
>         type forward;
>         forward only;
>         forwarders {
>         153.107.59.131;
>         153.107.59.132;
>         153.107.59.131;
>         153.107.59.132;
>         153.107.59.131;
>         153.107.59.132;
>         };
> };
>
> "named.conf" 5009 lines, 86932 characters
>
> Cheers,
>
> Guy
>
> Guy R. Loucks
> Senior Unix Systems Administrator
> Networks Branch
> NSW Department of Education & Training
> Information Technology Bureau
> Direct +61 2 9942 9887
> Fax +61 2 9942 9600
> Mobile +61 (0)429 041 186
> Email guy.loucks at det.nsw.edu.au

More information about the bind-users mailing list