Delegate from BIND to Windows 2003 DNS (AD Zone)

FabriceR nospam at spam.net
Fri Apr 15 18:11:35 UTC 2005


Hi !

I'am sorry ! So sorry ! :)

It's work.

The BIND DNS was configured with a forwarder list and the request for 
ad.compagny.fr was directed to these forwarders.

I had in my named.conf :

options {
         directory "/var/cache/bind";
         forwarders { 192.168.1.22; 192.168.1.21; };
         forward only;
         allow-transfer { dnssecond; };
};
...

I added to my named.conf :

// Zone ad
zone "ad.compagny.fr" IN {
         type stub;
         file "/etc/bind/db.ad.compagny.fr";
         masters { 192.168.7.17; 192.168.7.27; };
         forwarders { 192.168.7.17; 192.168.7.27; };
         forward only;
};


$ dig host1.ad.compagny.fr

; <<>> DiG 9.2.1 <<>> host1.ad.compagny.fr
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25075
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;host1.ad.compagny.fr.   IN      A

;; ANSWER SECTION:
host1.ad.compagny.fr. 3600 IN    A       192.168.6.13

;; AUTHORITY SECTION:
ad.compagny.fr.     3600    IN      NS      dc1.ad.compagny.fr.
ad.compagny.fr.     3600    IN      NS      dc2.ad.compagny.fr.

;; ADDITIONAL SECTION:
dc1.ad.compagny.fr. 3600 IN    A       192.168.7.17
dc2.ad.compagny.fr. 3600 IN    A       192.168.7.27

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Apr 14 13:25:33 2005
;; MSG SIZE  rcvd: 166

$

I thought that if BIND know about autoritative server for a zone, It 
doesn't use the forwarders !!! I made a big mistake.

FabriceR.



More information about the bind-users mailing list