matt at conundrum.com
Thu Aug 11 17:21:41 UTC 2016
On 11 August 2016 at 10:14, Bob McDonald <bmcdonaldjr at gmail.com> wrote:
> Currently, clients sending queries for domain child.example.com. to
> server A get good results.
> However, clients sending queries for domain child.example.com. to server
> C get SERVFAIL because server C has no access to server B. (I'm guessing
> there is a firewall issue)
Your problem here is not directly related to the delegation. Your problem
is that you have a recursive server (C) which is blocked from reaching a
part of the Internet where there is an authoritative server (B) it needs to
If these servers are not listed in the stub resolvers of systems as their
local recursors, then turn off recursion on the servers. Otherwise, open
up your firewall rules to allow your recursive servers to reach the entire
Internet, and the entire Internet to reach your authoritative servers.
> The question is if I get rid of the delegation and put in a stub zone on
> server A pointing to child.example.com. on server B, can I use forwarders
> for child.example.com. on server C to point at server A for resolution of
> child.example.com.? (Will server A get answers directly from server B or
> will server A simply refer me to server B?)
That's a very convoluted way of fixing what is simply a bug in your
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users