gtaylor at tnetconsulting.net
Tue Apr 27 15:47:21 UTC 2021
On 4/26/21 2:45 PM, bamberg2000 via bind-users wrote:
> BIND 9.11.5, I forward the request ("forward zone" or global "forward
> first") to another server and I get NXDOMAIN. Is it possible to process
> NXDOMAIN other than "redirect zone"? I just want to repeat the request
> to another forwarder.
I'm not sure what your actual use case is or if what I did will work.

I wrote a quick overview article about something I did years ago that
/might/ help with what you /may/ be doing.

Link - Duplicate authoritative DNS zones ... on purpose

TL;DR: Two BIND servers worked in concert with each other such that the
master / authoritative zone in the D.R. environment could be a subset of
the production environment to override things while still falling back
to the full prod environment for records that weren't overridden.

It's a bit of a hack, but it allowed us to enter the ~100 names specific
to the D.R. environment and leverage the other thousands of names from
prod without needing to import / merge records in D.R.

I don't remember why simply using RPZ to override wasn't sufficient. I
think it had to do with the infrastructure / configuration I was working

Maybe this will give you some ideas. Or maybe it wasted some bandwidth
and 30 seconds of people's time.

Grant. . . .
unix || die