Forward only some subdomains?

David Botham DBotham at OptimusSolutions.com
Fri Feb 6 22:34:33 UTC 2004


bind-users-bounce at isc.org wrote on 02/06/2004 04:57:40 PM:
> I've had this setup working nicely for quite a while, but our ISP just 
> threw a wrench into the works.
> 
> Our ISP handles our DNS (for the outside Internet world) and email.  We 
> handle web and ftp on our server (behind a NAT router).  Internally, I 
> have a DNS server set up with the same domain name - mostly so that 
> internal queries get a local IP for our web pages. 


This setup is called a split-dns. 

> It is set up to 
> forward all queries except for our domain name.

Probably a bad idea if the name servers to which you forward go away, 
change IP, etc...

> 
> Before, we checked and sent our mail with our ISP's domain name 
> (pop.chartermi.net, smtp.chartermi.net), but now they want us to use 
> pop.ourdomain.com and smtp.ourdomain.com.  Since our internal DNS 
> catches all ourdomain.com queries, we can't get an IP for pop. and smtp.


I am not sure what you mean by "can't get"???  Anyway, put two RRs into 
your internal zone, one for pop... and the other for smtp... each with the 
IP address of the pop and smtp servers respectively (or the same IP if 
both services run on the same box).


Maybe you could help me out by telling me what you mean by "can't get an 
IP for pop. and smtp."



> 
> So, is there a way to forward certain subdomain queries and catch all 
> others?  Bind 9.2.2
> 
> Currently the named.conf looks like:
> 
> options {
>     directory "/var/named";
>     allow-transfer {none;};
>     recursion true;
>     notify no;
>     forward first;
>     forwarders {
>             24.196.64.39;
>             24.196.64.40;
>         };

Don't forward unless you have to.  Let your name server use a normal 
resolution process to get the answers it needs.



Dave...

> };
> 
> - snip -
> 
> zone "ourdomain.com" IN {
>     file "ourdomain.com.zone";
>     type master;
>     forwarders {};
> };
> 
> zone "1.168.192.in-addr.arpa" IN {
>     file "1.168.192.in-addr.arpa.zone";
>     type master;
>     forwarders {};
> };
> 
> 
> I've tried adding a forward zone entry for pop and smtp, but that didn't 
> work - no domain found.  Adding a NS entry in the zone file for pop and 
> smtp just ends up timing out when asking for those.  So for now I just 
> have A records for pop and smtp in the zone file, but I'm sure that's 
> not the way to do it, tho it works for now.
> 
> 
> -WoK
> 
> -- 
> Don't Panic.
> 
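
Added example, not part of the original thread: a small drift check for the split-DNS failure discussed above, listing names the public zone answers but the internal master zone does not, since the internal server is authoritative for the whole domain and will not forward them. The zone contents, addresses and function names are constructed for illustration; the parser handles only a simplified one-record-per-line format that starts with `$ORIGIN`.

```python
# Added example: constructed zone data, simplified (no SOA/NS, one RR per line,
# every line carries its owner name). Addresses are documentation/private ranges.
EXTERNAL_ZONE = """\
$ORIGIN ourdomain.com.
@     IN MX 10 smtp
www   IN A  203.0.113.10
ftp   IN A  203.0.113.10
pop   IN A  198.51.100.25
smtp  IN A  198.51.100.26
"""
INTERNAL_ZONE = """\
$ORIGIN ourdomain.com.
www   IN A  192.168.1.10
ftp   IN A  192.168.1.10
"""

def parse_zone(text):
    """Parse the simplified zone text into {(fqdn, rrtype): {rdata, ...}}."""
    origin, records = ".", {}
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments, tokenize
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
            continue
        if fields[0].startswith("$"):           # $TTL etc. are irrelevant here
            continue
        name = fields.pop(0).lower()
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                        # skip optional TTL and class
        if not fields:
            continue
        if name == "@":
            fqdn = origin
        elif name.endswith("."):
            fqdn = name
        else:
            fqdn = f"{name}.{origin}"
        records.setdefault((fqdn, fields[0].upper()), set()).add(" ".join(fields[1:]))
    return records

def shadowed_names(external, internal):
    """(fqdn, rrtype) pairs the public zone answers but the internal master lacks.
    Differing rdata (www, ftp) is intentional in split DNS and is not reported."""
    return sorted(set(parse_zone(external)) - set(parse_zone(internal)))

if __name__ == "__main__":
    for fqdn, rrtype in shadowed_names(EXTERNAL_ZONE, INTERNAL_ZONE):
        print(f"internal clients get no answer for {fqdn} {rrtype}")
```

Run against real exports of both zones, this flags a record the ISP adds on the public side before internal users notice it missing.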



