Bind 9.10.3: forwarded zone on a recursive server
Ivan Kurnosov
zerkms at zerkms.ru
Mon Nov 20 01:36:36 UTC 2017
I have a really simple recursive DNS for a small office, which has a
forwarded zone (being resolved by another local server).
The config looks like this:
options {
    directory "/var/cache/bind";
    dnssec-validation auto;
    auth-nxdomain no;
    listen-on-v6 { none; };
    recursion yes;
    allow-query { any; };
    allow-transfer { none; };
};
zone "internal.companyname.co.nz" {
    type forward;
    forward only;
    forwarders {
        192.168.1.x;
        192.168.1.y;
    };
};
The problem I am observing is that even if I resolve a name within
`internal.companyname.co.nz`, BIND still tries to contact the root
servers and the .nz. and .co.nz. servers as well.
And if at that point the internet is not available to the machine, the
response fails, even though the zone is forwarded to another local server.
This screenshot shows the packets I captured that are being sent to
the internet:
https://i.stack.imgur.com/TphcP.png
I also asked this question at https://serverfault.com/q/884196/45086
So the question is: what else do I need to do to make this server not
recurse for the forward-only zone?
--
With best regards, Ivan Kurnosov