DNS on Linux Problem
David Botham
DBotham at OptimusSolutions.com
Wed Feb 4 22:21:23 UTC 2004
bind-users-bounce at isc.org wrote on 02/03/2004 11:53:54 AM:
> My public dns is done by my ISP. I set up an internal dns server on a
> Redhat Linux ver 9 box. I made the internal domain the same name as the
> public domain name. I can resolve all internal names that are in the
> internal dns database. Via "." hints file, I can resolve all public names
> except my own public names. I presume this is because my internal dns
> server is "authoritative" for my domain and as a result, if the name is
The reason your name server does not see data in your domain that is
hosted on your ISP's name servers is due to the fact that your name server
has the zone loaded locally. If your name server has the zone loaded
locally, it assumes that it is the only name server that has the zone
loaded and will therefore not look on any other name servers for data in
that zone. Name servers are very narrow minded in this regard, and
rightfully so.
What you need to do is configure your name server with a superset of the
data for your zone. For example, you would want the following data in your
internal name server's zone data file for your domain:
1. An SOA RR for the zone.
2. RR's of type A for all hosts on your internal network, specifying the
internal IP addresses for those hosts.
3. RR's of type NS for your internal name servers (while we have
discussed only one here, you do have two internal nameservers, don't
you...)
4. If you have a mail server inside your network, in addition to the A RR
from step 1 above, put an MX RR for it in the internal zone as well.
5. RR's of type A for hosts that are in your domain, but, are hosted
outside your network, such as a colocated web server. Here, you specify
the actual IP address of the web server as it exists on the Internet.
Notice that your internal nameserver has "the most correct/complete" data
about your zone. That way, when your internal clients query this name
server for data in your domain/zone, they get the right answer: Regardless
of whether that answer references an IP address on the local private
network for say the file server, or whether it refers them to an IP on the
Internet where your web server is located. This (these) internal
nameserver combined with your ISP's nameservers (that host an external
version of your domain) is a classic implementation of a split dns.
Hope this helps,
Dave...
> not in one of its zones, it does not go to the root servers.
>
> I thought if I put a forwarder statement in the named.custom file, this is
> the Linux way of doing it, I could resolve my public names using my ISP's
> dns. This just made it so the internal dns server would not work at all.
> Have I done this incorrectly? Any ideas will be welcome.
>
> Regards,
>
> Tom
>
>
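
The superset requirement from the reply above, as an added example that is not part of the original thread: a small check that compares an internal zone against the public one and reports public names internal clients could not resolve, plus names the internal view deliberately answers differently. The domain `example.com`, all addresses, and both zone texts are constructed, and the parser assumes one record per line with an explicit owner name.

```python
ORIGIN = "example.com."  # placeholder domain; all data below is constructed

# Internal view: SOA, internal NS and A records, MX, plus the outside-hosted www.
INTERNAL_ZONE = """
@      IN SOA ns1 hostmaster 2004020401 3600 900 604800 3600
@      IN NS  ns1
@      IN NS  ns2
ns1    IN A   192.168.1.2
ns2    IN A   192.168.1.3
files  IN A   192.168.1.10
mail   IN A   192.168.1.20
@      IN MX  10 mail
www    IN A   192.0.2.80   ; colocated web server, Internet address
"""

# External view as the ISP would publish it (constructed).
PUBLIC_ZONE = """
@      IN SOA ns.isp.example. hostmaster 2004020401 3600 900 604800 3600
@      IN NS  ns.isp.example.
@      IN MX  10 mail
mail   IN A   192.0.2.25
www    IN A   192.0.2.80
ftp    IN A   192.0.2.21
"""

def parse_zone(text, origin=ORIGIN):
    """Map (fqdn, type) -> sorted rdata list; expects an owner name on every line."""
    records = {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()       # drop comments
        if not fields or fields[0].startswith("$"):  # blank line or directive
            continue
        i = 1
        while fields[i].isdigit() or fields[i].upper() == "IN":  # skip TTL/class
            i += 1
        name = fields[0].lower()
        fqdn = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        records.setdefault((fqdn, fields[i].upper()), []).append(" ".join(fields[i + 1:]))
    return {k: sorted(v) for k, v in records.items()}

def compare_views(internal_text, public_text, skip=("SOA", "NS")):
    """Return (missing, overridden) for public records as seen by internal clients."""
    internal, public = parse_zone(internal_text), parse_zone(public_text)
    keys = [k for k in sorted(public) if k[1] not in skip]
    missing = [k for k in keys if k not in internal]
    overridden = [k for k in keys if k in internal and internal[k] != public[k]]
    return missing, overridden

if __name__ == "__main__":
    missing, overridden = compare_views(INTERNAL_ZONE, PUBLIC_ZONE)
    print("unresolvable from inside:", missing)
    print("answered with internal data:", overridden)
```

Entries in the first list are the symptom described in the original question: the internal server is authoritative, so a public name absent from its zone file gets a negative answer instead of being looked up at the ISP.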