Forward by zone...
Chimento, Douglas
Douglas.Chimento at FMR.COM
Sat Nov 10 05:32:19 UTC 2001
Thank you very much for you help. But it very difficult to explain what I
am doing, of course I would never configure my name server to do this , its
crap. Here is what I can tell that may be of help
Server b ( the one I am forwarding to) , is not a true BIND server , its a
3dns f5 box.
I can't do a zone transfer of the sub-domain sweet.dude.com because they
want 3dns to handle all queries
Which leaves me with the forward by zone implementation. ( by the way the NS
records worked!! )
> Is this version of dude.com only visible to internal machines?
yes
> Who do you want to know about sweet.dude.com?
not sure what you mean , or why this is relevant. But i guess any one who is
pointed to Server A ( master for dude.com )
would want to know about sweet.dude.com ( ues , i know its dumb response )
>Are you just trying to override the global forwarding for
internal subdomains?
kind of but not really
I think the main point of all of this is:
I want RRs in sweet.dude.com to be answered by another server, it just so
happens that server A also has dude.com
as master and i can't do sub domain delegation
I hope this helps
Thank you
-----Original Message-----
From: Mark.Andrews at isc.org [mailto:Mark.Andrews at isc.org]
Sent: Friday, November 09, 2001 8:38 PM
To: Chimento, Douglas
Cc: 'Cricket Liu'; bind-users at isc.org
Subject: Re: Forward by zone...
>
> Fine, You win
> This is extactly what we have in PRODUCTION
>
> options {
> directory "/var/named";
> forward only;
> forwarders {
> 192.168.31.11; 192.168.31.80; 192.168.31.81;
> };
> check-names slave ignore;
> dump-file "/var/tmp/named_dump.db";
> statistics-file "/var/tmp/named.stats";
> memstatistics-file "/var/tmp/named.memstats";
> /*
> * If there is a firewall between you and nameservers you want
> * to talk to, you might need to uncomment the query-source
> * directive below. Previous versions of BIND always asked
> * questions using port 53, but BIND 8.1 uses an unprivileged
> * port by default.
> */
> // query-source address * port 53;
> };
>
> zone "sweet.dude.com" {
> type forward;
> forward only;
> forwarders { 172.26.11.100; }; //SERVER B
> };
>
> zone "dude.com" {
> type master;
> file "fwd/dude.com";
> also-notify { 192.168.31.89; 192.168.4.88; 192.168.4.89;
> 192.168.45.88; 192.168.45.89; };
> };
This configuration will not work unless there is a delegating
NS RRset for sweet.dude.com in dude.com.
Without the NS RRset you are telling the server to do to
answer questions for sweet.dude.com in two different ways
and the contents of the dude.com zone win (sweet.dude.com
does not exist).
Now there are a number of ways to solve this but we need to
know what you are trying to achieve.
Is this version of dude.com only visible to internal machines?
Who do you want to know about sweet.dude.com?
Are you just trying to override the global forwarding for
internal subdomains?
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list