Forwarding request to another DNS server but the same domain
Kevin Darcy
kcd at chrysler.com
Wed Apr 30 23:11:05 UTC 2014
I'm still not understanding your constraints. If *all* updates come in
through Dynamic Update, then you don't need freeze/unfreeze.
- Kevin
On 4/30/2014 6:47 PM, Jeronimo L. Cabral wrote:
> In office #1, the "company.com <http://company.com>" master zone is
> updated automatically from some Windows machines inn DNS1 and in
> office #2 the same zone is updated manually in DNS2 by the
> administrator who shouldn't update (using freeze and unfreeze) the
> master zone from office #1. This is the scenario, and we need that a
> simple query to DNS1 be responded with any record from both zones.
>
> Thanks again
>
>
> On Wed, Apr 30, 2014 at 5:54 PM, Kevin Darcy <kcd at chrysler.com
> <mailto:kcd at chrysler.com>> wrote:
>
> Oh, I thought this was an external-versus-internal scenario. But,
> this is even easier.
>
> A) One of the nameservers (pick DNS1 or DNS2) becomes a slave (of
> the "stealth" variety, if you want) of the other
> B) People use nsupdate to maintain the zone
>
> For security, TSIG-sign the updates. For fast change propagation,
> set up NOTIFY if and as necessary.
>
> - Kevin
>
>
> On 4/30/2014 4:32 PM, Jeronimo L. Cabral wrote:
>> Dear John, this is my scenario:
>>
>> 1) Office 1: people work with some machines and fill up a local
>> master zone "company.com <http://company.com>" with records in DNS1
>> 2) Office 2: people works with some others machines and fill up a
>> local master zone "company.com <http://company.com>" with another
>> records in DNS2
>>
>> So both office have a different master zone.
>>
>> Both offices belong to the same company, so I need that any
>> client PC can resolve a hostname from "company.com
>> <http://company.com>" domain, independently if this record is in
>> DNS1 or DNS2.
>>
>> Thanks again, regards.
>>
>> JeLo
>>
>>
>>
>> On Wed, Apr 30, 2014 at 5:21 PM, John Miller
>> <johnmill at brandeis.edu <mailto:johnmill at brandeis.edu>> wrote:
>>
>> Hi Jeronimo,
>>
>> First of all, please just tell us the real domain. Yes, we
>> could try and talk about a fictitious "example.com
>> <http://example.com>" or "company.com <http://company.com>,"
>> but having the real domain name lets us actually query your
>> nameservers.
>>
>> Let me be sure I understand: you have two DNS servers. Each
>> of them is authoritative for the same domain. Are both set
>> as master?
>>
>> The two servers have different copies of the zone--what's
>> your reason for that?
>>
>> If both servers think they are authoritative for a zone, then
>> they will answer recursive queries for those zones
>> themselves. From the manual:
>>
>> "Forwarding occurs only on those queries for which the server
>> is not authoritative and does not have the answer in its cache."
>>
>> What exactly are you trying to achieve?
>>
>> John
>>
>>
>>
>> On Wed, Apr 30, 2014 at 3:55 PM, Jeronimo L. Cabral
>> <jelocabral at gmail.com <mailto:jelocabral at gmail.com>> wrote:
>>
>> Dear, I would like to ask for solution related with DNS
>> (bind) configuration to allow forward requests to another
>> DNS but related with the same domain.
>>
>> I'm asking about two authoritative name servers serving
>> the same domain but with different zone file info on each
>> and have one of them forward recursive queries to another
>> one if first one cannot find some particular subdomain
>> record that is missing in his version of zone file.
>>
>> My named.conf.local is as follow, but it doesn't work:
>>
>> zone "company.com <http://company.com>" {
>> type master;
>> file "/etc/bind/zones/company.com.db";
>> allow-transfer { key "company"; };
>> check-names ignore;
>> forward first;
>> forwarders { 172.16.1.1; };
>> };
>>
>> Thanks a lot,
>>
>> JeLo
>>
>>
>> _______________________________________________
>> Please visit
>> https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>>
>>
>>
>> --
>> John Miller
>> Systems Engineer
>> Brandeis University
>> johnmill at brandeis.edu <mailto:johnmill at brandeis.edu>
>> (781) 736-4619
>>
>> _______________________________________________
>> Please visit
>> https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>>
>>
>>
>> _______________________________________________
>> Please visithttps://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
>> https://lists.isc.org/mailman/listinfo/bind-users
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140430/1c1d5c4c/attachment-0001.html>
More information about the bind-users
mailing list