Rely on Recursive "De-forwarding" Behavior?
Kevin Darcy
kcd at daimlerchrysler.com
Wed Jul 7 23:37:19 UTC 1999
Hello,
I have been experimenting with the "de-forwarding" feature
of BIND 8.2, i.e. where you specify a null forwarders list for a given
zone in order to override the global forwarding behavior. What I have
noticed is that the "de-forwarding" specification seems to apply not
only to a given zone, but to subzones as well. For example, if
I deforward "bar.com", and then I happen to get some NS RR's in my cache
for "foo.bar.com", which is not mentioned in my named.conf file, I'll
still not forward for that zone, even though I now know it is a separate
zone from its parent.
My question is: is this behavior intentional, or just accidental? We
here at DaimlerChrysler are in the throes of a massive DNS integration
and would not want to rely on behavior that may quietly disappear in a
subsequent release. A purist argument could be made, I suppose, that
deforwarding should only apply to a given zone, and not apply
recursively. But the current recursive behavior seems more useful for
us, since our zone hierarchies go fairly deep in places.
If the behavior is accidental and likely to change, is there any
news to report on the status of implementing "views", as described in
the _DNS_and_BIND_ book, which appears to be a more general and
hopefully more reliable solution to the mixed-forwarding-and-referral
quandry?
- Kevin
More information about the bind-users
mailing list