recursive service and forward
Michael
michael at insulin-pumpers.org
Sat Jun 26 21:34:28 UTC 2004
> Michael wrote:
>
> >I'd like to know if there is a way to configure BIND so that a server
> >with this configuration:
> >
> >zone "myzone.com" in {
> > type forward;
> > forward only;
> > forwarders {
> > 1.2.3.4 port 1234;
> > }
> >}
> >
> >will supply recursive service?
> >
> >The purpose for this... I'm running a dnsbl where the active records are
> >maintained and modified on a continual basis by a number of different
> >daemons and processes that run independently. It is possible for this set
> >of processes to answer an axfr request from bind, but the zone file is
> >immense and for the bind daemon to stay current would consume large
> >resources. Having bind operate as forward only provides caching and
> >robust service to the "outside" without the need to maintain a zonefile.
> >So.... how does one configure bind to do this. I guess the question is
> >how to get bind to respond authoratatively for this zone.
> >
> Well, that's a *different* question. Yes, it will supply recursive
> service, unless you have turned off recursion globally via "recursion
> no" or to a specific client or range via "allow-recursion". But no, it
> will not respond authoritatively, because it isn't authoritative. Only
> masters or slaves are authoritative.
>
> Perhaps you should look at the "sdb" stuff in BIND 9. See doc/misc/sdb.
> You can perhaps use BIND to merely frontend all of these other "daemons
> and processes", but unless someone has already written the SDB part (see
> contrib/sdb), you'll probably have to end up writing it yourself...
>
> - Kevin
>
hmmm.... yes, I've looked at that. Using sdb is sort of the long way
around. The most straightforward way would be to set up a stub with
forwarding and have an option that would turn on AA for that zone so the
stub could be authoratative. That would allow the "junk" behind named to
supply dynamic content via standard upd queries by the named daemon and
have all the niceties that bind can provide in place. I've stared at the
code for a long time but can't find where the decision is made to treat
the zone as non-authoritative. I can follow it easily in the 4.X series,
but 9 is a bit obtouse.
Michael
Michael at Insulin-Pumpers.org
More information about the bind-users
mailing list