Question about forwarder

Barry Margolin barmar at
Mon Feb 27 06:29:11 UTC 2006

In article <dtu2mp$1bc3$1 at>,
 ?E?E>>O < at> wrote:

> 5.      otherwise, when primary dns(=internal dns) receives query about DMZ
> hosts information, internal dns is supposed to forward external dns(because
> external dns is  set up as forwarder) 
> external dns have to search its own external zone and response to internal
> dns.
> but, external dns(=forwarder) didn??t search own DMZ zone and response is
> failed.

You haven't shown us the configuration, so it's hard to tell for sure.  
But my guess is that the DMZ hosts are in the same domain as the 
internal hosts.  A server will never forward for names in a domain it is 
authoritative for.  You need to have the internal and DMZ hosts in 
different zones.

You could put the internal hosts in a subdomain, like  Or you could delegate subdomains for all the 
DMZ hosts, e.g.

exthost1 IN NS
exthost2 IN NS

Barry Margolin, barmar at
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list