Queries regarding forwarders

Blason R blason16 at gmail.com
Thu Aug 9 04:02:16 UTC 2018

Hi there,

Due to the architecture since I have my internal DNS RPZ built I wanted my
other internal  DNS servers should send traffic to RPZ server and then RPZ
would resolve on behalf of client.

Client --->DNS AUTH Server for xyz.com===> Fporwarder ==>>

On Wed, Aug 8, 2018 at 10:26 PM Matus UHLAR - fantomas <uhlar at fantomas.sk>

> On 08.08.18 19:32, Blason R wrote:
> >I am bit confused about DNS forwarders. I have two BIND Servers one is
> >being used as Authoritative DNS server which has forwarder set
> why?
> > to other
> >server like this
> >
> >Auth Server  for xvyz.com
> >Recursive Server
> >
> >Now if I am debugging from client side using -debug option I see
> > is directly resolving with ROOT DNS Servers though I have
> >recursive no; option set in my BIND config.
> BIND has internal list of root servers.
> > Ideally the query should have
> >gone to but in debug I am seeing the below output.
> ideally you would not use forwarder on BIND, unless you really must.
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> If Barbie is so popular, why do you have to buy her friends?
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180809/e7def1ea/attachment.html>

More information about the bind-users mailing list