Forward zone inside a view

Matus UHLAR - fantomas uhlar at
Thu Feb 7 18:39:50 UTC 2019

On 07.02.19 14:58, Roberto Carna wrote:
>In our company we have several desktops from two different cities accessing
>only to internal domains distributed in two views in a private BIND with
>authoritative zones, where I've defined "recursion no;".
>But now we have to let them access to * hostnames, just this
>public domain and not other.

btw, when did change to

>So I've implemented the forwarding of "" zone to our BIND
>resolvers servers (they forward DNS queries to So I've created a
>third view with this information in named.conf.local:
>acl internet { };
>view "internet" {
>   match-clients { internet; key "custom"; };
> recursion yes;
> zone "" {
>        type forward;
>        forward only;
>        forwarders {
>      ;
>      ;
>        };

>I defined "recursion yes" but the BIND servers forwards all the public
>domains queries to our resolvers and not just for "", so it
>doesn't work. And if I change for "recursion no", the query
> is refused and at the client side appears an error
>telling that recursion is necessary.

of course, BIND will resolve other domains (recurse) only when you allow it
to recurse.

>So I let desktops resolve all the Internet domains or neither, and this is
>not what I want because I just want to let them resolve just
>How can I do to forward only zone queries to my resolvers???

what is the point of running DNS server with only two hostnames allowed to

Matus UHLAR - fantomas, uhlar at ;
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Despite the cost of living, have you noticed how popular it remains? 

More information about the bind-users mailing list