"Catch-all" forwarding

D McDonald renski at sdf.lonestar.org
Wed Dec 15 14:56:29 UTC 2004


If I understand you correctly, yes, people do it all the time. Use forward,
on the internal DNS server add something like this to options.

forwarders { 10.0.0.3; };

Replace 10.0.0.3 with your external server's address.

Someone correct me if I'm wrong; from previous posts you might be able to tell I'm not yet an expert on DNS.

Darren

On Wed, Dec 15, 2004 at 02:32:35PM +0000, Harry Sufehmi wrote:
> We currently have a situation in our infrastructure where I'll very much 
> appreciate your input into it.
> 
> A bit of background: Our company used to have a decentralized IT 
> management. Therefore each department can have their own DNS server and 
> structure.
> Now we have it centralized, and currently trying to consolidate our DNS 
> infrastructure.
> 
> At the moment we're using 2 domain names internally, internal.pri and 
> ourdomain.gov.uk - I know we shouldn't be using the second one 
> internally, but people are already using it so we need to accommodate 
> that while we sort everything out.
> 
> internal.pri DNS server is completely isolated internally, while 
> ourdomain.gov.uk DNS server is placed on DMZ so it can serve both 
> external and internal requests.
> 
> There's a requirement that if a query for a host is not found on 
> internal.pri server, then it's to be forwarded to ourdomain.gov.uk DNS 
> server.
> 
> The reason for this is that many machines have been set up to use 
> internal.pri DNS, but will submit queries for hosts (not an FQDN) which 
> actually live in ourdomain.gov.uk zone.
> 
> I've done research on this for the last few days, but due to my almost 
> complete lack of expertise on this topic, I've not been able to find a 
> solution for this requirement.
> 
> If only the queries are submitted as FQDN, then we just need to set an 
> ourdomain.gov.uk zone in internal.pri server, and specify it to forward 
> all incoming requests to the real ourdomain.gov.uk server.
> Alas, no such joy for us.
> 
> I wonder if anyone has done this before, and how?
> 
> 
> Many thanks,
> Harry
> 
> 
> 

-- 
renski at sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org
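
The two forwarding setups mentioned in this thread, written out as a named.conf for the internal.pri server. This is an added example, not part of the original posts; it assumes BIND 9 syntax, and the directory and zone file names are placeholders. 10.0.0.3 is the placeholder address used in the reply.

```conf
// Added example: named.conf on the internal.pri server (BIND 9 syntax).

options {
    directory "/var/named";            // assumed path

    // Global forwarding, as in the reply: queries this server cannot
    // answer from its own zones or cache are sent to the forwarder.
    forwarders { 10.0.0.3; };          // placeholder: DMZ server address

    // The internal server is isolated and cannot reach the root servers,
    // so it must not fall back to iterating on its own when the forwarder
    // does not answer ("forward first" would attempt that).
    forward only;
};

// The server stays authoritative for its own zone. Forwarders are not
// consulted for names inside a zone the server is authoritative for.
zone "internal.pri" {
    type master;
    file "internal.pri.db";            // assumed file name
};

// Per-zone forwarding, as described in the question: only queries for
// names under ourdomain.gov.uk are handed to the DMZ server.
zone "ourdomain.gov.uk" {
    type forward;
    forward only;
    forwarders { 10.0.0.3; };          // placeholder: DMZ server address
};
```

Running named-checkconf against the file catches syntax slips such as a missing semicolon after the closing brace of a forwarders list.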


