Delegate from BIND to Windows 2003 DNS (AD Zone)
FabriceR
nospam at spam.net
Fri Apr 15 18:11:35 UTC 2005
Hi !
I'am sorry ! So sorry ! :)
It's work.
The BIND DNS was configured with a forwarder list and the request for
ad.compagny.fr was directed to these forwarders.
I had in my named.conf :
options {
directory "/var/cache/bind";
forwarders { 192.168.1.22; 192.168.1.21; };
forward only;
allow-transfer { dnssecond; };
};
...
I added to my named.conf :
// Zone ad
zone "ad.compagny.fr" IN {
type stub;
file "/etc/bind/db.ad.compagny.fr";
masters { 192.168.7.17; 192.168.7.27; };
forwarders { 192.168.7.17; 192.168.7.27; };
forward only;
};
$ dig host1.ad.compagny.fr
; <<>> DiG 9.2.1 <<>> host1.ad.compagny.fr
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25075
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;host1.ad.compagny.fr. IN A
;; ANSWER SECTION:
host1.ad.compagny.fr. 3600 IN A 192.168.6.13
;; AUTHORITY SECTION:
ad.compagny.fr. 3600 IN NS dc1.ad.compagny.fr.
ad.compagny.fr. 3600 IN NS dc2.ad.compagny.fr.
;; ADDITIONAL SECTION:
dc1.ad.compagny.fr. 3600 IN A 192.168.7.17
dc2.ad.compagny.fr. 3600 IN A 192.168.7.27
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Apr 14 13:25:33 2005
;; MSG SIZE rcvd: 166
$
I thought that if BIND know about autoritative server for a zone, It
doesn't use the forwarders !!! I made a big mistake.
FabriceR.
More information about the bind-users
mailing list