Internal clients' queries for "myhostname." get sent to forwarders. Why?

Andreas Ntaflos daff at
Mon Mar 10 22:05:47 UTC 2014

On 2014-03-10 22:23, Kevin Darcy wrote:
> Options:

First, thanks a lot for the reply! So it seems what I described is 
indeed the expected behaviour for the type of DNS we operate?

> 1) Change nameservice-switch order (e.g. /etc/nsswitch.conf) on your
> hosts to prefer another source of name resolution (e.g. /etc/hosts)
> which can resolve the shortname. Thus DNS is never used for these lookups

This might be a solution but I find that our DNS setup is just complex 
enough that relying on /etc/hosts would probably introduce more 
problems. Then there's managing /etc/hosts on hundreds of machines, 
which we could of course do with Puppet, but I find that highly 
unappealing. Currently we use Puppet to ensure /etc/hosts contains just 
" localhost" and nothing else.

> 2) Simply :-) change your DNS architecture fundamentally, from one which
> forwards requests to the Internet by default (aka "the Microsoft way"),
> to one with an internal root zone and conditionally forwarding only
> those parts of the namespace that your internal clients actually need to
> see.

I confess that I didn't think there was any feasible way other than what 
you call "the Microsoft way" to operate this kind of internal DNS. I 
also don't think I've ever consciously heard of the setup you describe. 
Can you point me to some reading material on what this entails and how 
to get there?

Thanks again!


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the bind-users mailing list