Overload some records for intern use
Johan VAN RYSEGHEM
johan at websiteburo.com
Fri Nov 13 14:39:38 UTC 2009
Thomas Harold wrote:
> On 11/13/2009 6:44 AM, Jonathan Petersson wrote:
>> Someone correct me if I'm wrong but using BIND you must have the full
>> zone, partial forwarding/proxying isn't built in so you would need to
>> download the zone and replace the data you need to change.
> If all you want to do is change an A record (served from an external
> zone) to a different internal IP address, then it's doable with BIND.
> For example, if I want to redirect svn.example.org to the internal IP
> address rather than the public IP address, I add the following zone
> file (called "svn.example.org" in my setup):
> $ORIGIN .
> $TTL 600        ; 10 minutes
> svn.example.com IN SOA fw.internal.example.org. dns.example.com. (
>                 2007052665 ; serial
>                 3600       ; refresh (1 hour)
>                 900        ; retry (15 minutes)
>                 7200       ; expire (2 hours)
>                 3600       ; minimum (1 hour)
>                 )
>                 NS      fw.internal.example.org.
> $ORIGIN svn.example.com.
>                 A       192.168.0.9
> So clients inside the LAN who talk to this DNS server and ask for
> "svn.example.com" will get the 192.168.0.9 address. Clients outside
> the LAN or who don't use the DNS server will get the public IP address
> from the public DNS records.
> I don't recall offhand if there's more to it, it's been a year or more
> since I set up that record. Basically you're adding a local private
> zone that is named the same as the DNS record that you're overloading
> and telling BIND to pretend that it is authoritative for that record.
I thought I tried this. I retried and guess what, it worked. Seems like
my original setup was wrong. I must have misused the $ORIGIN keyword.
Nonetheless, I think I'm going to keep pdnsd, as it's easier to set up
for my use.
Thanks a lot!
Johan VAN RYSEGHEM - RIAS Developer
Websiteburo | Agence Media Interactive | Bordeaux/Paris
johan.van.ryseghem at websiteburo.com : 06.77.88.51.60 - Landline : 05.47.74.74.20
More information about the bind-users
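The named.conf side of the override described in the quoted message, as an added example that is not part of the original thread or of anyone's actual configuration. Assumptions: the LAN is 192.168.0.0/24 (inferred from the 192.168.0.9 address), the acl name "lan" is made up for illustration, and the zone file keeps the name "svn.example.org" used in the post.

```conf
// Added example: named.conf fragment for the internal resolver only.
// The acl name and the 192.168.0.0/24 range are assumptions.
acl "lan" { 192.168.0.0/24; localhost; };

// Declaring a zone named exactly like the record makes this server
// authoritative for svn.example.com AND every name below it.
// Anything not present in the zone file (AAAA, MX, TXT, subdomains)
// is answered as empty or NXDOMAIN instead of being resolved publicly,
// so add every record internal clients still need.
zone "svn.example.com" {
    type master;
    file "svn.example.org";      // zone file from the quoted message
    allow-query { "lan"; };      // keep the override invisible outside the LAN
    allow-transfer { none; };    // no reason to hand this zone to anyone
    allow-update { none; };      // static zone, refuse dynamic updates
};

// Checks before and after reloading (run on the BIND host):
//   named-checkconf
//   named-checkzone svn.example.com svn.example.org
//   dig @127.0.0.1 svn.example.com A +norecurse
// The dig answer should carry the "aa" flag and 192.168.0.9.
```

If internal clients or downstream resolvers validate DNSSEC and the public parent zone is signed, the unsigned local answer will fail validation, so check that case before relying on the override.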