Forwarding zone, setup
Gregory Sloop
gregs at sloop.net
Tue Mar 1 02:33:46 UTC 2022
Wow. I hate to be the guy who looks the gift horse in the mouth - but that just seems "wrong." :)
(Not the answer, but that that would be the way BIND wants it done.)
So, now I've got two sets of NS and glue records?
Please tell me that's not the way BIND insists you do this!
I guess I should try it, but dang.
Does anyone know for sure?
> Add Delegating NS records:
> ab.somedomain.local 3600 NS server1.ab.somedomain.local
> .
> .
> .
> And glue records
> server1.ab.somedomain.local 3600 A 10.0.0.1
> .
> .
> And see if it works. It’s got something to do with the way the record is matched (or not) before the forward statement is hit.
> J
>> On Feb 28, 2022, at 3:47 PM, Gregory Sloop <gregs at sloop.net> wrote:
>> So, I want to forward all queries for
>> *.ab.somedomain.local to some other internal DNS servers.
>> (Records in *.ab.somedomain.local actually are our active domain servers)
>>
>> (Yes, I know .local is reserved now, but we've been using it a long time and changing would be rather painful. Unless there's some horrible consequences, I think we'll just continue for now. We won't ever use mDNS.)
>>
>> zone "ab.somedomain.local" {
>> type forward;
>> forward only;
>> forwarders { 10.0.0.1; 10.0.0.2; 10.0.0.3; };
>> };
>> But this doesn't appear to do what I want.
>>
>> If I add the above to my regular BIND servers configuration, it doesn't return results like it's forwarding them. (I get NXOMAIN for abc.ab.somedomain.local.)
>>
>> If I do a dig @10.0.0.1 abc.ab.somedomain.local from the BIND server, I get a proper result. (force dig to use the AD name servers directly, instead of relying on the forward.)
>>
>> (And yes the resolv.conf file has the ip addresses of the main internal BIND servers in it, and those only.)
>> I've looked and while I think I'm doing it right, I'm not entirely sure.
>> I figured before I beat my head against the wall for too long, I'd ask the real experts! :)
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220228/99b75e9c/attachment.htm>
More information about the bind-users
mailing list