forward question

Marc Lampo marc.lampo at eurid.eu
Thu Sep 1 06:24:11 UTC 2011


Hello,

Do add "forward only;" to this zone statement.

Is this name server available/visible to the Internet?
--> add "allow-query" statement to limit who can query for your
internal zone.

Kind regards,

Marc Lampo
Security Officer
EURid



-----Original Message-----
From: CT [mailto:groups at obsd.us] 
Sent: 31 August 2011 11:17 PM
To: bind-users at lists.isc.org
Subject: forward question

We have a public DNS in our DMZ

- Some of the servers in the DMZ provide certain services to services
  on the inside.
- Currently, certain servers use the Internal AD DNS Servers for
  resolution on an internal DNS domain to provide the services via
  firewall rules.

I would like all DMZ clients to use the Public DNS and "forward" the
internal DNS queries to the Internal AD DNS servers.

Zone transfer to the Public DNS from Internal DNS is not an option.

*****************
zone "internal.zone" in {
         type forward;
         forwarders {
                 xxx.xxx.xxx.1;  // ad server 1
                 xxx.xxx.xxx.2;  // ad server 2
         };
};
*****************
Thx
CT
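
The two suggestions in the reply above, combined into one named.conf fragment. This is an added example, not part of the original thread. The ACL name, view names and all addresses are constructed placeholders, and the client restriction is placed on a view because a forward zone itself takes only the forward and forwarders statements.

```conf
// Constructed addresses: substitute your own DMZ range and AD servers.
acl dmz_clients { 192.0.2.0/24; localhost; };

view "dmz" {
        match-clients   { dmz_clients; };
        recursion yes;                  // forwarding only happens for recursive queries
        allow-query     { dmz_clients; };
        allow-recursion { dmz_clients; };

        zone "internal.zone" in {
                type forward;
                forward only;           // no fallback to iterative resolution, so
                                        // internal names are never sent to the Internet
                forwarders {
                        10.10.10.1;     // ad server 1 (placeholder)
                        10.10.10.2;     // ad server 2 (placeholder)
                };
        };
        // once views are used, every zone must live inside a view:
        // repeat the public zones here for DMZ clients
};

view "external" {
        match-clients { any; };
        recursion no;                   // internal.zone is not defined in this view
        // public authoritative zones go here
};
```

Run named-checkconf on the file before reloading named.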





