Hello list,<br>Here's my scenario:<br>I have multiple DNS servers (one master and a few slaves) authoritative for a few zones (e.g. mydomain.com, zone1.mydomain.com etc.).<br>
I also have a caching server (a stock Redhat caching-nameserver.rpm configuration, BIND 9.2.4) which is used by clients on the LAN to query DNS for zone1.mydomain.com.<br>As far as I understand, this caching server does a full recursive resolution to get information for zone1.mydomain.com (going to the root servers, then to the .com servers, then to the mydomain.com server).<br>
My objective is to convert this caching server into a slave server, which will transfer the full zone1.mydomain.com.<br>Am I correct in the assumption that the slave server should answer queries for zone1.mydomain.com directly, as it has all the information?<br>
I modified the config by adding<br>zone "zone1.mydomain.com" {<br> type slave;<br> file "mydomain/hosts.mydomain.com";<br>
masters { A.B.C.D; };<br>};<br>to the caching server config and configured the master server to allow transfers. The zone is being transferred correctly, and mydomain/hosts.mydomain.com is populated.<br>
However,<br> dig +trace @localhost host1.zone1.mydomain.com<br>shows that the server is still doing a full recursion, going to the root servers, TLD servers etc.<br>What am I missing? Do I also have to list my caching server as an NS record in zone1.mydomain.com?<br>
It's located on a private network and won't be able to answer queries from the Internet.<br>Attached is my config file<br>===================================================<br>//<br>// named.conf for Red Hat caching-nameserver<br>
//<br><br>options {<br> directory "/var/named";<br> dump-file "/var/named/data/cache_dump.db";<br> statistics-file "/var/named/data/named_stats.txt";<br> /*<br> * If there is a firewall between you and nameservers you want<br>
* to talk to, you might need to uncomment the query-source<br> * directive below. Previous versions of BIND always asked<br> * questions using port 53, but BIND 8.1 uses an unprivileged<br> * port by default.<br>
*/<br> // query-source address * port 53;<br>};<br><br>//<br>// a caching only nameserver config<br>//<br>controls {<br> inet 127.0.0.1 allow { localhost; } keys { rndckey; };<br>};<br><br>zone "." IN {<br>
type hint;<br> file "named.ca";<br>};<br><br>zone "localdomain" IN {<br> type master;<br> file "localdomain.zone";<br> allow-update { none; };<br>
};<br><br>zone "localhost" IN {<br> type master;<br> file "localhost.zone";<br> allow-update { none; };<br>};<br><br>zone "0.0.127.in-addr.arpa" IN {<br> type master;<br>
file "named.local";<br> allow-update { none; };<br>};<br><br>zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {<br> type master;<br> file "named.ip6.local";<br>
allow-update { none; };<br>};<br><br>zone "255.in-addr.arpa" IN {<br> type master;<br> file "named.broadcast";<br> allow-update { none; };<br>};<br><br>zone "0.in-addr.arpa" IN {<br>
type master;<br> file "named.zero";<br>};<br><br>zone "zone1.MYDOMAIN.COM" {<br> type slave;<br> file "mydomain/hosts.mydomain.com";<br>
masters { A.B.C.D; };<br>};<br><br>include "/etc/rndc.key";<br>===================================================<br>Thanks<br>Rob<br>
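An added example, not part of the original post: with +trace, dig itself iterates from the root servers, so that output does not show how the queried server would answer. The check below sends a non-recursive query (RD=0) and tests the AA flag of the reply, which a server sets only when answering from zone data it has loaded. The function names and the two sample headers are constructed for illustration.

```python
import socket
import struct
import sys

def build_query(name, qtype=1, txid=0x1234):
    """DNS query with RD=0: the server may answer only from data it already holds."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    return header + qname + struct.pack("!HH", qtype, 1)  # QTYPE A, QCLASS IN

def parse_header(msg):
    """Decode the 12-byte DNS header (RFC 1035, section 4.1.1)."""
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
            "ra": bool(flags & 0x0080), "rcode": flags & 0x000F, "answers": an}

def served_from_zone(msg):
    """True only for a NOERROR response with answers and the AA flag set."""
    h = parse_header(msg)
    return h["qr"] and h["aa"] and h["rcode"] == 0 and h["answers"] > 0

def check(server, name, timeout=3.0):
    """Send the query over UDP port 53 and classify the reply."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        msg, _ = s.recvfrom(4096)
    if msg[:2] != query[:2]:
        raise ValueError("transaction ID mismatch")
    return served_from_zone(msg)

# Constructed sample headers (not captured traffic): ID, flags, QD, AN, NS, AR.
SAMPLE_AUTHORITATIVE = struct.pack("!HHHHHH", 0x1234, 0x8480, 1, 1, 2, 0)  # QR|AA|RA
SAMPLE_FROM_CACHE = struct.pack("!HHHHHH", 0x1234, 0x8080, 1, 1, 0, 0)     # QR|RA only

if __name__ == "__main__":
    server, name = sys.argv[1], sys.argv[2]
    verdict = "authoritative" if check(server, name) else "not authoritative"
    print(verdict, "answer for", name, "from", server)
```

Run it as `python3 script.py 127.0.0.1 host1.zone1.mydomain.com` on the slave itself; "authoritative" means the reply came from the transferred zone file.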