Own root cache for outside resolutios , possible?
Kevin Darcy
kcd at daimlerchrysler.com
Fri Jun 21 21:21:26 UTC 2002
"Joaquin J. Domens" wrote:
> Hi group,
>
> I've a question for you.....
>
> I've configured two machines as internal dns's for our company that
> contain all of our internal zones and it has no public ip, the thing
> it's that our internal services need to resolve outside domains also.
>
> Which is the smartest solution to mantain this architecture?
>
> I've tried to built my own root.cache so that when they have to resolve
> external domains (yahoo.com , etc) the queries are redirect to other
> dns's that has public ip and external resolution, but it looks like he
> stills look for the real root cache sinstead of the file I've created.
>
> Do I have to built my root.cache in a special way ? or it's not possible
> to do this ?
>
> Hope my explanation it's clear .......
>
> BIND: 8.3.1
> OS: Solaris 8
If your internal nameservers don't have access to Internet nameservers
(including the root servers), then the only way you can enable them to
resolve Internet names is to forward queries, in "forward only" mode, to
better-connected nameservers.
But, as has already been pointed out, it might be better to use proxying.
Then your internal clients don't need to resolve Internet names; only your
proxies do. This makes the setup a lot more manageable.
- Kevin
More information about the bind-users
mailing list