Bind Forwarders Not Working.

Kevin Darcy kcd at
Fri Feb 17 00:05:54 UTC 2006

Conrad G wrote:

>I am trying to enable Bind 9.3.x to use forwarders in the following 
>First the query should check the local zones. If no zone is defined then 
>the forwarders should be queried.
>I have tried using forwarding first but this works in the reverse it 
>checks the forwarders first them the local.
>How do I get the server to query local first then the forwarders.
By "local" do you mean authoritative data? Assuming that translation, 
what you describe should work with ordinary forwarding, but it's 
important to understand that named's decision to forward or not forward, 
is determined by what *zone* contains the name being queried. If named 
has authoritative data for the zone in question, it will answer from 
that authoritative data and *only* from that authoritative data (it 
won't forward), otherwise it'll "fail over" to other resolution 
mechanisms, such as plain-old-forwarding, if configured ("forward only") 
or forwarding-with-fallback-to-iterative-resolution, if configured 
("forward first").

This is a somewhat subtle point, but perhaps an example will illuminate. 
Querying if the nameserver is authoritative for, but within that authoritative data, there is no or anything beneath it, then the nameserver will return 
NXDOMAIN. In order for some "global" forwarding rule to kick in, at the 
very least or would need to be 
delegated. That would put the name in a different 
*zone* from, one for which potentially the BIND instance is 
not authoritative.

                                             - Kevin

More information about the bind-users mailing list