Forwarding request to another DNS server but the same domain
Chris Buxton
clists at buxtonfamily.us
Thu May 1 00:20:45 UTC 2014
Either do as Kevin Darcy said or else use separate names:
company.com
office1.company.com
office2.company.com
The admin in office 2 updates the office2 zone. The dynamic updates in office 1 go to the office1 zone. The company.com zone delegates both. Everyone can find everything via that delegation, but each office has its own zone. Everyone is happy.
Chris
On Apr 30, 2014, at 4:36 PM, Jeronimo L. Cabral <jelocabral at gmail.com> wrote:
> DNS1 with dynamic update and DNS2 with manually update....
>
>
> On Wed, Apr 30, 2014 at 8:11 PM, Kevin Darcy <kcd at chrysler.com> wrote:
> I'm still not understanding your constraints. If *all* updates come in through Dynamic Update, then you don't need freeze/unfreeze.
>
> - Kevin
>
>
> On 4/30/2014 6:47 PM, Jeronimo L. Cabral wrote:
>> In office #1, the "company.com" master zone is updated automatically from some Windows machines inn DNS1 and in office #2 the same zone is updated manually in DNS2 by the administrator who shouldn't update (using freeze and unfreeze) the master zone from office #1. This is the scenario, and we need that a simple query to DNS1 be responded with any record from both zones.
>>
>> Thanks again
>>
>>
>> On Wed, Apr 30, 2014 at 5:54 PM, Kevin Darcy <kcd at chrysler.com> wrote:
>> Oh, I thought this was an external-versus-internal scenario. But, this is even easier.
>>
>> A) One of the nameservers (pick DNS1 or DNS2) becomes a slave (of the "stealth" variety, if you want) of the other
>> B) People use nsupdate to maintain the zone
>>
>> For security, TSIG-sign the updates. For fast change propagation, set up NOTIFY if and as necessary.
>>
>> - Kevin
>>
>>
>> On 4/30/2014 4:32 PM, Jeronimo L. Cabral wrote:
>>> Dear John, this is my scenario:
>>>
>>> 1) Office 1: people work with some machines and fill up a local master zone "company.com" with records in DNS1
>>> 2) Office 2: people works with some others machines and fill up a local master zone "company.com" with another records in DNS2
>>>
>>> So both office have a different master zone.
>>>
>>> Both offices belong to the same company, so I need that any client PC can resolve a hostname from "company.com" domain, independently if this record is in DNS1 or DNS2.
>>>
>>> Thanks again, regards.
>>>
>>> JeLo
>>>
>>>
>>>
>>> On Wed, Apr 30, 2014 at 5:21 PM, John Miller <johnmill at brandeis.edu> wrote:
>>> Hi Jeronimo,
>>>
>>> First of all, please just tell us the real domain. Yes, we could try and talk about a fictitious "example.com" or "company.com," but having the real domain name lets us actually query your nameservers.
>>>
>>> Let me be sure I understand: you have two DNS servers. Each of them is authoritative for the same domain. Are both set as master?
>>>
>>> The two servers have different copies of the zone--what's your reason for that?
>>>
>>> If both servers think they are authoritative for a zone, then they will answer recursive queries for those zones themselves. From the manual:
>>>
>>> "Forwarding occurs only on those queries for which the server is not authoritative and does not have the answer in its cache."
>>>
>>> What exactly are you trying to achieve?
>>>
>>> John
>>>
>>>
>>>
>>> On Wed, Apr 30, 2014 at 3:55 PM, Jeronimo L. Cabral <jelocabral at gmail.com> wrote:
>>> Dear, I would like to ask for solution related with DNS (bind) configuration to allow forward requests to another DNS but related with the same domain.
>>>
>>> I'm asking about two authoritative name servers serving the same domain but with different zone file info on each and have one of them forward recursive queries to another one if first one cannot find some particular subdomain record that is missing in his version of zone file.
>>>
>>> My named.conf.local is as follow, but it doesn't work:
>>>
>>> zone "company.com" {
>>> type master;
>>> file "/etc/bind/zones/company.com.db";
>>> allow-transfer { key "company"; };
>>> check-names ignore;
>>> forward first;
>>> forwarders { 172.16.1.1; };
>>> };
>>>
>>> Thanks a lot,
>>>
>>> JeLo
>>>
>>>
>>> _______________________________________________
>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>>
>>> bind-users mailing list
>>> bind-users at lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/bind-users
>>>
>>>
>>>
>>> --
>>> John Miller
>>> Systems Engineer
>>> Brandeis University
>>> johnmill at brandeis.edu
>>> (781) 736-4619
>>>
>>> _______________________________________________
>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>>
>>> bind-users mailing list
>>> bind-users at lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/bind-users
>>>
>>>
>>>
>>> _______________________________________________
>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>>
>>> bind-users mailing list
>>> bind-users at lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>>
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140430/e764750b/attachment-0001.html>
More information about the bind-users
mailing list