Forwarding zone, setup
Jeff Sumner
kc4fox at gmail.com
Tue Mar 1 00:23:09 UTC 2022
Add Delegating NS records:
ab.somedomain.local 3600 NS server1.ab.somedomain.local
.
.
.
And glue records
server1.ab.somedomain.local 3600 A 10.0.0.1
.
.
And see if it works. It’s got something to do with the way the record is matched (or not) before the forward statement is hit.
J
> On Feb 28, 2022, at 3:47 PM, Gregory Sloop <gregs at sloop.net> wrote:
>
> So, I want to forward all queries for
> *.ab.somedomain.local to some other internal DNS servers.
> (Records in *.ab.somedomain.local actually are our active domain servers)
>
> (Yes, I know .local is reserved now, but we've been using it a long time and changing would be rather painful. Unless there's some horrible consequences, I think we'll just continue for now. We won't ever use mDNS.)
>
> zone "ab.somedomain.local" {
> type forward;
> forward only;
> forwarders { 10.0.0.1; 10.0.0.2; 10.0.0.3; };
> };
>
> But this doesn't appear to do what I want.
>
> If I add the above to my regular BIND servers configuration, it doesn't return results like it's forwarding them. (I get NXOMAIN for abc.ab.somedomain.local.)
>
> If I do a dig @10.0.0.1 abc.ab.somedomain.local from the BIND server, I get a proper result. (force dig to use the AD name servers directly, instead of relying on the forward.)
>
> (And yes the resolv.conf file has the ip addresses of the main internal BIND servers in it, and those only.)
> I've looked and while I think I'm doing it right, I'm not entirely sure.
> I figured before I beat my head against the wall for too long, I'd ask the real experts! :)
>
>
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users <https://lists.isc.org/mailman/listinfo/bind-users> to unsubscribe from this list
>
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ <https://www.isc.org/contact/> for more information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/bind-users <https://lists.isc.org/mailman/listinfo/bind-users>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220228/8927c105/attachment-0001.htm>
More information about the bind-users
mailing list