forward first: iterative or recursive query

Chris Buxton chris.p.buxton at gmail.com
Thu May 5 17:47:10 UTC 2011 

If recursion is disabled, forwarding doesn't happen. I think you've confused some terms and configurations.

Don't use forwarding from a recursive server to a non-recursive server. Use a stub zone instead, if you can't rely on the recursion process to find the correct server to query.

If server 2 is auth-only or otherwise can't resolve the address of www.abc.com, then forwarding a query to it is not going to work. However, if server 1 is a caching server and is able to resolve www.abc.com, then using a stub zone for example.com will work; server 2 will send the CNAME record to server 1, and then server 1 will resolve the final address record on its own.

Chris Buxton
BlueCat Networks

On May 5, 2011, at 2:15 AM, <iharrathi.ext at orange-ftgroup.com> <iharrathi.ext at orange-ftgroup.com> wrote:

> Hi,
> i have a server called server1 that is acting as a cache server( recursion none). And i forward the zone example.com to server2 which has recursion enabled and master on some zone like example.com.
>  this is the forwarding zone on server1:
> zone "example.com" {
>         type forward;
>         forward only;
>         forwarders { IP_of server2;  };
> };
> and server2 is master of the zone example.com:
> 
> zone "example.com" {
>         type master;
>         file "master/db.example.com";
> };
>  
>  
> BUT the problem is here:
> db.example.com:
> ....
> $ORIGIN example.com.
> www                       A        1.2.3.4
> ftp                          CNAME      www.abc.com
>  
>  
>  
> server1 can resolve www.example.com, but can't resolve ftp.example.com since the server2 sends the answer which is www.abc.com and not the IP, and my server1 can't make recursion to resolve www.abc.com.
>  
> why?
> from server1 when i dig on server2: dig @IP-server2 www.example.com it sends to me the IP, all is OK!!! but with a forwarding statement it sends only the CNAME
>  
> server1 is bind9.6-ESV-R4  et server2 bind-9.4.2
>  
> Thanks.
> Issam HARRATHI
> 
> De : Chris Buxton [mailto:chris.p.buxton at gmail.com] 
> Envoyé : mercredi 4 mai 2011 08:49
> À : HARRATHI Issam Ext OLNC/DPS
> Cc : bind-users at lists.isc.org
> Objet : Re: forward first: iterative or recursive query
> 
> With a static-stub zone, you would get an iterative query. Forwarding always results in a recursive query.
> 
> How are you determining that your server is sending an iterative query?
> 
> Can we (the list) see your named.conf?
> 
> Regards,
> Chris Buxton
> BlueCat Networks
> 
> On May 3, 2011, at 5:21 AM, <iharrathi.ext at orange-ftgroup.com> <iharrathi.ext at orange-ftgroup.com> wrote:
> 
>> Hi
>> from the book DNS and Bind 5th edition [french] (o'reilly)
>> I read that the forward with the mode first sends a recursive query to the servers on the forwarders list, but as i see it only sends an iterative query. Also with forward only it send an itérative query.
>> So forward first send an itérative or recursive query?
>>  
>> And how i can send a recursive query with the statement forward ( without using static-stub)
>> I'm using bind-9.6-ESV-R4
>>  
>> Thanks.
>> Issam HARRATHI.
>> ********************************************************************************
>> IMPORTANT.Les informations contenues dans ce message electronique y compris les fichiers attaches sont strictement confidentielles
>> et peuvent etre protegees par la loi.
>> Ce message electronique est destine exclusivement au(x) destinataire(s) mentionne(s) ci-dessus.
>> Si vous avez recu ce message par erreur ou s il ne vous est pas destine, veuillez immediatement le signaler  a l expediteur et effacer ce message 
>> et tous les fichiers eventuellement attaches.
>> Toute lecture, exploitation ou transmission des informations contenues dans ce message est interdite.
>> Tout message electronique est susceptible d alteration.
>> A ce titre, le Groupe France Telecom decline toute responsabilite notamment s il a ete altere, deforme ou falsifie.
>> De meme, il appartient au destinataire de s assurer de l absence de tout virus.
>> 
>> IMPORTANT.This e-mail message and any attachments are strictly confidential and may be protected by law. This message is
>> intended only for the named recipient(s) above.
>> If you have received this message in error, or are not the named recipient(s), please immediately notify the sender and delete this e-mail message.
>> Any unauthorized view, usage or disclosure ofthis message is prohibited.
>> Since e-mail messages may not be reliable, France Telecom Group shall not be liable for any message if modified, changed or falsified.
>> Additionally the recipient should ensure they are actually virus free.
>> ********************************************************************************
>> _______________________________________________
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
> 
> ********************************************************************************
> IMPORTANT.Les informations contenues dans ce message electronique y compris les fichiers attaches sont strictement confidentielles
> et peuvent etre protegees par la loi.
> Ce message electronique est destine exclusivement au(x) destinataire(s) mentionne(s) ci-dessus.
> Si vous avez recu ce message par erreur ou s il ne vous est pas destine, veuillez immediatement le signaler  a l expediteur et effacer ce message 
> et tous les fichiers eventuellement attaches.
> Toute lecture, exploitation ou transmission des informations contenues dans ce message est interdite.
> Tout message electronique est susceptible d alteration.
> A ce titre, le Groupe France Telecom decline toute responsabilite notamment s il a ete altere, deforme ou falsifie.
> De meme, il appartient au destinataire de s assurer de l absence de tout virus.
> 
> IMPORTANT.This e-mail message and any attachments are strictly confidential and may be protected by law. This message is
> intended only for the named recipient(s) above.
> If you have received this message in error, or are not the named recipient(s), please immediately notify the sender and delete this e-mail message.
> Any unauthorized view, usage or disclosure ofthis message is prohibited.
> Since e-mail messages may not be reliable, France Telecom Group shall not be liable for any message if modified, changed or falsified.
> Additionally the recipient should ensure they are actually virus free.
> ********************************************************************************

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110505/eea1f50b/attachment.html>

More information about the bind-users mailing list