forwarding subdomain to internal box
Wim Livens
wli at escaux.com
Fri Feb 13 23:59:26 UTC 2009
Thanks all for the clear explanation.
If I understand correctly:
- forwarding is not a solution to my problem. (even the suggestion by
Chris didn't help)
- having ns1/ns2 slave from devbox would be a solution (but in my
specific case I can't because devbox runs a custom nameserver based on
Stanford::DNSserver which doesn't do axfr)
- making the dns service of devbox available from the internet (by means
of a proxy, port-forwarding or similar) is the (only) way to go.
Wim.
Kevin Darcy wrote:
> Just as there is a "default-less core" to Internet routing, there is
> also a "forwarding-less core" to Internet DNS, and your nameservers --
> congratulations -- are in that core. The queries you get from other
> nameservers in the core are non-recursive, defined to mean "give me
> whatever information you have, but don't ask anyone else about the
> name". And your nameservers dutifully comply. Ergo, they don't forward.
>
> As someone else pointed out, there could theoretically be (non-core)
> resolvers out there configured to resolve directly from your box. But
> for an authoritative nameserver on the Internet, this would be the
> exception rather than the rule -- mostly your nameserver will be
> talking to other nameservers, not to forwarding or stub resolvers.
>
> If you have some devices that are capable of *proxying* DNS requests
> between the internal box and the Internet, you could delegate the
> subdomain to those devices. But a true, standards-complying nameserver
> will never forward a non-recursive query. The absence of the RD
> (recursion desired) flag on the query specifically told it that the
> client didn't want that.
>
> - Kevin
More information about the bind-users
mailing list