BIND 8 forwarding question

Cricket Liu cricket at menandmice.com
Sat Oct 6 01:56:13 UTC 2001


> I'm setting up a forwarder in BIND 8.2.4 that I don't want to be able to
answer questions
> about internal hosts by asking our external view nameservers.

I can't parse this sentence at all.  You want to prevent it from querying
your external name
servers for internal domain names?

> I tried the suggestion in the DNS and BIND book to set up a stub zone with
an empty
> forwarders list but the forwarder still queries our external view servers.

For which domain names?  Those ending in mentorg.com?

> I tried adding a "forward only" directive to the zone declaration but that
didn't seem to help.
> Neither did declaring the zone of type forwarder and giving it an empty
forwarders list in
> the zone declaration.  Can anyone see where I'm going wrong?
>
> options {
> directory "/cache";
> pid-file "/var/run/named.pid";
> // Created by SIGINT or ndc dumpdb
> dump-file "/var/tmp/dump.db";
> // Created by SIGILL or ndc stats
> statistics-file "/var/tmp/stats";
> statistics-interval 60;
> listen-on { 147.34.97.130; };
> recursion yes;
> fetch-glue yes;
> query-source address 147.34.97.130 port 53;
> version "Surely you're joking, Mr. Feynman.";
> allow-query { localhost; E2; internal-roots; mentor-nets; };
> use-id-pool yes;
> };
>
> zone "." {
> type hint;
> file "db.cache";
> };
>
> zone "mentorg.com" {
> type stub;
> masters { 147.34.22.13; 147.34.96.122; 137.202.21.21; 137.202.93.16; };
> file "stub.mentorg.com";
> forward only;
> forwarders {};
> };

This zone statement would override forwarding for domain names ending in
mentorg.com, *if this name server were configured to use forwarders*.
But it's not, so I'm not sure what you're expecting to happen.

Also, it doesn't make any sense to specify "forward only" when you're
specifying not to use forwarders for mentorg.com domain names.

cricket

Men & Mice
DNS Software & Services
www.menandmice.com




More information about the bind-users mailing list