forwarder is ignored when authoritative zone is added

Frank Even lists+isc.org at elitists.org
Fri Oct 26 06:15:59 UTC 2012


I've recently had an issue that I'm having some issues finding
information on solving.

I have internal DNS resolvers...they act as recursive name servers for
general internet queries, but we have forwarders explicitly defined
for specific internal zones being served by other name servers.

My configuration has one particular zone configured as such:

zone "internal.organization.com" IN {
    type forward;
    forward only;
    forwarders { 172.x.x.x; 172.x.x.x; };
};

I have our main zone, organization.com, hosted in an external area
outside of a firewall with a wildcard record contained in it for
anything that is not explicitly defined.  I have some services that I
need to reach using names that are in this external zone internally.
What I'm trying to do is to slave the organization.com zone to my
internal recursive resolver to mitigate any possible network issues.

So I set up the internal resolver as a slave for the "organization.com"
zone and found that queries against "internal.organization.com" were
getting answered with the wildcard for the external "organization.com"
zone.  I can't seem to figure out why the forwarders are getting
ignored.  Is it an order of precedence, say authoritative zones are
respected over forwarders...or something else??

Thanks for any assistance anyone can provide, or point me to some
documentation I'm missing,
Frank
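
An added example, not part of the original post and not BIND's own code: a simplified Python model of RFC 1034/4592 name lookup, showing how a slaved parent zone with a wildcard can answer for a name under "internal.organization.com" before the forward zone is considered. The record values, forwarder addresses and the assumed precedence (authoritative data first) are constructed for illustration.

```python
# Added example: simplified model of lookup order on a resolver that also holds
# an authoritative (slave) copy of the parent zone. All records are constructed.

def labels(name):
    return name.rstrip(".").lower().split(".")

def is_under(name, ancestor):
    n, a = labels(name), labels(ancestor)
    return len(n) >= len(a) and n[len(n) - len(a):] == a

def exists(zone, name):
    # A node exists if it owns records or is an empty non-terminal.
    return name in zone or any(k.endswith("." + name) for k in zone)

def zone_lookup(zone, origin, qname):
    q = labels(qname)
    below_apex = len(q) - len(labels(origin))
    # A zone cut (NS below the apex) ends this zone's authority (RFC 1034 4.3.2).
    for i in range(below_apex - 1, -1, -1):
        node = ".".join(q[i:])
        if "NS" in zone.get(node, {}):
            return "delegation", node
    name = ".".join(q)
    if exists(zone, name):
        return "answer", zone.get(name, {})
    # Otherwise synthesize from the wildcard at the closest encloser (RFC 4592).
    for i in range(1, below_apex + 1):
        encloser = ".".join(q[i:])
        if exists(zone, encloser):
            wild = "*." + encloser
            return ("wildcard", zone[wild]) if wild in zone else ("nxdomain", None)
    return "nxdomain", None

def resolve(qname, auth_zones, forward_zones):
    # Assumption of this model: authoritative data is consulted before forwarders.
    auth = [o for o in auth_zones if is_under(qname, o)]
    if auth:
        origin = max(auth, key=lambda o: len(labels(o)))
        kind, data = zone_lookup(auth_zones[origin], origin, qname)
        if kind != "delegation":
            return kind, data
    fwd = [o for o in forward_zones if is_under(qname, o)]
    if fwd:
        return "forward", forward_zones[max(fwd, key=lambda o: len(labels(o)))]
    return "recurse", None

EXTERNAL = {"organization.com": {"NS": ["ns1.organization.com"]},
            "www.organization.com": {"A": "203.0.113.80"},
            "*.organization.com": {"A": "203.0.113.10"}}
FORWARD = {"internal.organization.com": ["192.0.2.53", "192.0.2.54"]}
WITH_CUT = dict(EXTERNAL, **{"internal.organization.com": {"NS": ["ns.internal.organization.com"]}})
```

In this model, resolve("db.internal.organization.com", {"organization.com": EXTERNAL}, FORWARD) returns the wildcard record, while the same query against WITH_CUT, or with no authoritative zone loaded, reaches the forwarders.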


