Question about forwarder
Barry Margolin
barmar at alum.mit.edu
Mon Feb 27 06:29:11 UTC 2006
In article <dtu2mp$1bc3$1 at sf1.isc.org>,
?E?E>>O <kyounghee2.kim at hynix.com> wrote:
> 5. otherwise, when primary dns(=internal dns) receives query about DMZ
> hosts information, internal dns is supposed to forward external dns(because
> external dns is set up as forwarder)
>
> external dns have to search its own external zone and response to internal
> dns.
>
>
>
> but, external dns(=forwarder) didn??t search own DMZ zone and response is
> failed.
You haven't shown us the configuration, so it's hard to tell for sure.
But my guess is that the DMZ hosts are in the same domain as the
internal hosts. A server will never forward for names in a domain it is
authoritative for. You need to have the internal and DMZ hosts in
different zones.
You could put the internal hosts in a subdomain, like
internal.yourcompany.com. Or you could delegate subdomains for all the
DMZ hosts, e.g.
exthost1 IN NS externalns.yourdomain.com.
exthost2 IN NS externalns.yourdomain.com.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list