local server forwarding to remote server woes

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Fri Dec 6 17:17:14 UTC 2002


Randal Cobb <cobbr at daugherty.com> wrote:
> Hello all,

> I am new to BIND, so my question may have been answered many times
> before, but I could not find an answer in the archives...  I have a
> problem that could easily be a "RTFM, you bone-head!" problem.

> I have a master DNS server (unfortunately, NT based) based in a remote
> office, that we cannot touch.  I cannot add or modify records in it at
> all.  I have the need to create a local server (BIND8 based) that will
> participate in the same domain.  I need this because I have a Linux box
> that has about 30 virtual IP addresses hosted on it for internal
> development.  I would like to set this new BIND server up in the same
> corporate-wide domain, but set it so that it becomes the primary DNS
> server for my local machines, the gotcha is, I cannot set it to be a
> slave, because of domain permissions in the remote location.

> For example, the master server hosts mydomain.com.  I would like to set
> up the new server so that it also serves mydomain.com, but only the
> local virtual IP addresses for the Linux server.  Any other mydomain.com
> request would be forwarded to the master hosted in the remote location.

> With that background, I have tried the following configuration:
> installed bind8 and added a domain (both forward and reverse) with the
> local ip addresses, I added NS records to each of the forward and
> reverse files that point to the remote master.  I have also added the
> forward only, and forwarders options that point to the master server.

> The problem is, no matter what I try, I cannot resolve any other of the
> corporate domain resources (i.e., mail server, etc.) all of which are
> served by the master server.

> How do I configure my local named server to pass the requests up to the
> forward master if it cannot find an entry in the local domain records?

> Any help would be greatly appreciated.  I desperately need to rid myself
> of the HOSTS file nightmare I'm currently dealing with.

There is no perfect way to do what you want (since DNS assumes that
a server that is auth for a domain knows everything about that domain).

You could create a "shadow name space" but then you will have to make a copy
of the current domain, add your new things and then forever keep tracking
the other server for any changes.

The easiest thing for you is to create a sub-domain and place your resources there,
leaving the parent domain to the other admin.



> --
> Cheers,

> Randal Cobb
> Senior Consultant
> Daugherty Systems, Inc.
> cobbr at daugherty.com




--
Peter Håkanson
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but I'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.
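
Added example, not part of the original post and not BIND code: a simplified Python model of why the configuration in the question returns nothing for the rest of the domain, and why the sub-domain approach in the reply works. The sub-domain name `dev.mydomain.com`, the host names and the addresses are assumptions made up for the illustration.

```python
# Simplified model of how a name server chooses between answering from a
# zone it is authoritative for and forwarding. Illustration only, not BIND code.
# All names and addresses below are constructed sample data.

def closest_zone(qname, zones):
    """Return the most specific locally hosted zone enclosing qname, or None."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve(qname, zones, forwarder):
    """Answer qname the way an authoritative-plus-forwarding server would."""
    name = qname.rstrip(".").lower()
    zone = closest_zone(name, zones)
    if zone is None:
        # Not authoritative for any enclosing zone: hand off to the forwarder.
        return ("FORWARDED", forwarder.get(name, "NXDOMAIN"))
    # Authoritative: the local zone data is the whole truth for this zone,
    # so a missing name is a definitive NXDOMAIN and is never forwarded.
    if name in zones[zone]:
        return ("AUTHORITATIVE", zones[zone][name])
    return ("AUTHORITATIVE", "NXDOMAIN")

# Records held by the remote master (constructed).
REMOTE_MASTER = {"mail.mydomain.com": "192.0.2.25", "www.mydomain.com": "192.0.2.80"}

# Setup from the question: the local server claims the whole of mydomain.com.
SHADOW = {"mydomain.com": {"dev1.mydomain.com": "10.0.0.11"}}

# Setup from the reply: the local server is authoritative only for a
# sub-domain (hypothetical name dev.mydomain.com).
SUBDOMAIN = {"dev.mydomain.com": {"app1.dev.mydomain.com": "10.0.0.11"}}

if __name__ == "__main__":
    for label, zones in (("shadow", SHADOW), ("sub-domain", SUBDOMAIN)):
        for q in ("mail.mydomain.com", "dev1.mydomain.com", "app1.dev.mydomain.com"):
            print(label, q, resolve(q, zones, REMOTE_MASTER))
```
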


More information about the bind-users mailing list