DNS configuration problem

Jim Reid jim at mpn.cp.philips.com
Thu Sep 23 22:17:39 UTC 1999


>>>>> "Robert" == Robert Schelander <rschelander at aon.at> writes:

    Robert> We don't have a permanent connection to the internet, so a
    Robert> full lookup with the help of the world root servers is not
    Robert> possible. So I've configured named.conf to forward
    Robert> only. But because of the slow connection to this forward
    Robert> DNS it is desirable to cache all resolve requests. Another
    Robert> point is, that I want to add own names in our address
    Robert> range (44.143.216/24) for testing purposes. Because of
    Robert> this I've set the ampr.org zone to master, but this
    Robert> configuration doesn't work the way I want. It's not
    Robert> surprising, because I'm neither master nor slave of
    Robert> ampr.org. If I request an ip which name is included in
    Robert> ampr.org it works, but for other ampr.org names it doesn't
    Robert> forward the request but immediately says that this host is
    Robert> not known. Maybe named thinks: if master doesn't know, who
    Robert> else should - and because of this doesn't forward the
    Robert> request.

No, it doesn't work that way. You've told your name server it is
master for the ampr.org domain, even though it isn't. [It's only got
the bits of ampr.org that belong to you, if I understand you
correctly.] So when you ask for some other valid name in the ampr.org
domain, your name server returns an NXDOMAIN error - no such
host/domain - because it "knows" for sure what's in the ampr.org
domain. The trouble is what you've told it about that domain isn't the
truth, the whole truth and nothing but the truth. There's no reason
for your name server to forward that request to another name server
that could give the real answer because your server thinks it knows
what names really exist in the ampr.org domain.

There's no way to configure BIND to look up a name in some local zone
file and then forward the request elsewhere if that name isn't in the
local "copy" of that zone. Maybe this will be possible in BIND9.

What you should try is get a zone delegated from ampr.org for your
site/group/whatever and configure your name server to be master for
that delegation rather than the whole ampr.org zone. (Or your locally
prepared ampr.org zone.) The same probably should apply to whatever
addresses in net 44 are assigned to you. I doubt your name server
really should be claiming to be master for that whole Class A reverse
space. Your name server should have a zone statement for
216.143.44.in-addr.arpa, not 44.in-addr.arpa.
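
The layout recommended in the reply above, sketched as a named.conf
fragment. This is an added example, not part of the original post or
of either poster's configuration. The forwarder address 192.0.2.1, the
subdomain "yoursite.ampr.org" and the zone file names are placeholders,
and it assumes the ampr.org operators have actually delegated that
subdomain and the reverse zone to this server.

```conf
// Constructed example in BIND 8 named.conf syntax. The forwarder
// address, the subdomain name and the file names are placeholders.

options {
    forward only;                 // never iterate from the root servers
    forwarders { 192.0.2.1; };    // placeholder: the upstream forwarding server
};

// BEFORE (the setup the reply describes): the server claims authority
// for zones it does not own, so any ampr.org name missing from the
// local file is answered NXDOMAIN and is never forwarded.
//
// zone "ampr.org"        { type master; file "db.ampr.org"; };
// zone "44.in-addr.arpa" { type master; file "db.44"; };

// AFTER: be master only for what is delegated to the site. Other names
// under ampr.org and other addresses in net 44 fall outside these
// zones, so they go to the forwarder and the answers are cached.
zone "yoursite.ampr.org" {
    type master;
    file "db.yoursite.ampr.org";
};

zone "216.143.44.in-addr.arpa" {
    type master;
    file "db.44.143.216";
};
```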

