Forwarding zones not working

Josh Richard jrichar4 at d.umn.edu
Thu Aug 13 14:04:50 UTC 2009


Hello self,

I just figured this out.

I had to add:

foo.com. IN NS reg.

to db.root.

Regards,

-j

On Thu, 2009-08-13 at 08:41 -0500, Josh Richard wrote:
> Hello bind-users,
> 
> bind 9.3.4, Debian
> 
> goal:
> resolve any.dns.name -> 1.2.3.4, unless queries are for zones specified
> in sites.conf.  In the latter case, forward to a trustworthy name
> server.
> 
> === named.conf ===
> 
> include "/etc/bind/sites.conf";
> 
> zone "." {
>         type master;
>         file "/etc/bind/db.root";
> };
> 
> === db.root ===
> 
> $TTL 3h
> . IN SOA reg.  root.reg. (
>                      7       ; Serial
>                      3h      ; Refresh
>                      1h      ; Retry after 1 hour
>                      1w      ; Expire after 1 week
>                      1h )    ; Negative Caching TTL
> . IN NS reg.
> 
> *       86400   IN      A       1.2.3.4
> 
> === sites.conf zone example ===
> zone "foo.com" in
> {
>  type forward;
>  forward first;
>  forwarders { 10.10.10.10; };
> };
> 
> 
> === what happens:
> 
> dns lookups for anything resolve to 1.2.3.4 as specified in db.root
> (even foo.com).   The more specific matches returned by the forwarder in
> the sites file are never consulted.
> 
> If I change 'type master' to 'type hint' in the named.conf file, the
> sites file is consulted and the results are accurate, but the general
> case does not (anything -> 1.2.3.4).
> 
> Seems like what I have done should work.  I am concerned the wildcard
> '*' is the issue -- the forwarders should be consulted as the match is
> more specific correct?
> 
> Any ideas are greatly appreciated.
> 
> Regards,
> 
> Josh Richard
> 
> 
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090813/8f9088ab/attachment.bin>


More information about the bind-users mailing list