UNIX DNS referrals to Win2k
Kevin Darcy
kcd at daimlerchrysler.com
Thu Mar 8 18:32:38 UTC 2001
TEST wrote:
> Here's the setup:
>
> BIND owns customer.com
>
> Windows 2000 owns corp.customer.com
>
> We have the following Windows 2000 DC's hosting DNS:
> DC1
> DC2
> DC3
> DC4
>
> If a request comes into the BIND DNS for say corp.customer.com we want the
> BIND DNS to forward that request to any one of the above mentioned Windows
> 2000 DNS servers.
Well, technically BIND does not "forward" the requests unless the requestor
made a recursive query and BIND was configured to honor that request. Note
that server-to-server DNS queries are usually non-recursive, unless
connectivity boundaries are being traversed (like in the case of internal
clients querying Internet names through a firewall). But, regardless,
delegating corp.customer.com to the Microsoft servers should accomplish what
you want -- once other nameservers learn that DC[1234].corp.customer.com are
authoritative for corp.customer.com, then they will send queries for names in
that domain to those servers and (hopefully) get answers back.
> It is my understanding that we simply need the following
> records in the BIND DNS...
>
> DC1.corp A 154.64.1.141
> DC2.corp A 154.64.1.142
> DC3.corp A 154.64.1.143
> DC4.corp A 154.64.1.144
> corp IN NS dc1.corp.customer.com
> corp IN NS dc2.corp.customer.com
> corp IN NS dc3.corp.customer.com
> corp IN NS dc4.corp.customer.com
>
> So the two questions are:
>
> 1) is this correct?
Looks fine to me, assuming that you have no $ORIGIN statements in the zone
file, or, if you do, that the origin is set to customer.com prior to those
entries. Note that the A records are only required -- and in fact are only
*legal* -- because the delegated nameservers' names happen to be in the
delegated zone itself.
> 2) and where exactly do we put these records? Which file on the BIND DNS
> server?
The master zone file for customer.com.
- Kevin
More information about the bind-users
mailing list