can bind8 override a single A record?
Nathan.HAND at dewr.gov.au
Thu Jan 20 05:04:06 UTC 2005
Just explaining the problem seems to have jumpstarted my brain. Could I
have a zone called server.partner.com.au on our DNS server? An A record
for that zone would resolve to our local NAT address. All other requests
(eg, www.partner.com.au) would use the authorative server for
Is there a gotcha with that solution that I'm not seeing?
> -----Original Message-----
> From: bind-users-bounce at isc.org=20
> [mailto:bind-users-bounce at isc.org] On Behalf Of HAND,Nathan
> Sent: Thursday, January 20, 2005 3:57 PM
> To: bind-users at isc.org
> Subject: can bind8 override a single A record?
> I have an unusual situation and I'm hoping bind8 can solve it.=3D20
> The short version of the question is, can bind8 override a=20
> single A record in a zone, but forward all other requests to=20
> the authorative nameserver.
> Here's the long version. Our dept has a partner site;=20
> partner.com.au. They host their own DNS and the majority of=20
> access to partner.com.au is via the Internet. However, they=20
> host a single server - server.partner.com.au - that we=20
> connect to over a leased line. Their internal addresses don't=20
> match our own, so NAT is used to make server.partner.com.au=20
> appear to be on our local network. The leased line router=20
> (running NAT) is independent of our border router.
> This worked fine for many moons. We simply used the local NAT=20
> address in all applications. Recently we have "acquired" an=20
> application that is hardwired to use the name=20
> server.partner.com.au, resolving that to an IP address via=20
> DNS. This, of course, resolves to the real address, not our=20
> local NAT address, so the leased line is not being used.
> The application cannot be fixed. It's not going to be=20
> practical to deploy a hosts file to all our desktops/servers.=20
> Also it won't be possible to change the authorative A record=20
> for server.partner.com.au. NATing the real address into the=20
> local NAT address at our border router was considered and=20
> rejected. A combination of politics, bureaucracy and=20
> technical hurdles have exhausted all those possibilities.
> So the thought running around here was, could we modify our=20
> own DNS server to "rewrite" the server.partner.com.au A=20
> record to use our NAT address, but leave all other records in=20
> that zone alone? We don't want to be authorative for the=20
> entire zone. We just want to override a single A record for=20
> the benefit of this application.=3D20
> I hope that explanation was clear. Any ideas on what can be done?
> The information contained in this e-mail message and any=20
> attached files may be confidential information, and may also=20
> be the subject of legal professional privilege. If you are=20
> not the intended recipient any use, disclosure or copying of=20
> this e-mail is unauthorised. If you have received this=20
> e-mail in error, please notify the sender immediately by=20
> reply e-mail and delete all copies of this transmission=20
> together with any attachments.
The information contained in this e-mail message and any attached files may
be confidential information, and may also be the subject of legal
professional privilege. If you are not the intended recipient any use,
disclosure or copying of this e-mail is unauthorised. If you have received
this e-mail in error, please notify the sender immediately by reply e-mail
and delete all copies of this transmission together with any attachments.
More information about the bind-users