UNIX DNS referrals to Win2k

[Kevin Darcy]

TEST wrote:

> Here's the setup:
>
> BIND owns customer.com
>
> Windows 2000 owns corp.customer.com
>
> We have the following Windows 2000 DC's hosting DNS:
> DC1
> DC2
> DC3
> DC4
>
> If a request comes into the BIND DNS for say corp.customer.com we want the
> BIND DNS to forward that request to any one of the above mentioned Windows
> 2000 DNS servers.

Well, technically BIND does not "forward" the requests unless the requestor
made a recursive query and BIND was configured to honor that request. Note
that server-to-server DNS queries are usually non-recursive, unless
connectivity boundaries are being traversed (like in the case of internal
clients querying Internet names through a firewall). But, regardless,
delegating corp.customer.com to the Microsoft servers should accomplish what
you want -- once other nameservers learn that DC[1234].corp.customer.com are
authoritative for corp.customer.com, then they will send queries for names in
that domain to those servers and (hopefully) get answers back.

> It is my understanding that we simply need the following
> records in the BIND DNS...
>
> DC1.corp    A     154.64.1.141
> DC2.corp    A     154.64.1.142
> DC3.corp    A     154.64.1.143
> DC4.corp    A     154.64.1.144
> corp            IN    NS    dc1.corp.customer.com
> corp            IN    NS    dc2.corp.customer.com
> corp            IN    NS    dc3.corp.customer.com
> corp            IN    NS    dc4.corp.customer.com
>
> So the two questions are:
>
> 1) is this correct?

Looks fine to me, assuming that you have no $ORIGIN statements in the zone
file, or, if you do, that the origin is set to customer.com prior to those
entries. Note that the A records are only required -- and in fact are only
*legal* -- because the delegated nameservers' names happen to be in the
delegated zone itself.

> 2) and where exactly do we put these records?  Which file on the BIND DNS
> server?

The master zone file for customer.com.


- Kevin