Forwarding queries to offsite DNS servers
Joseph S D Yao
jsdy at cospo.osis.gov
Thu Aug 31 19:26:03 UTC 2000
On Thu, Aug 31, 2000 at 08:56:10PM +0100, Mevin Essapen wrote:
> My organization is running several "illegal" class C subnets and has DNS
> servers setup internally. We're now planning to link to the internet
> and have installed a firewall to do address translation and handle
> access to web and mail servers in the DMZ (legal IP range).
>
> Externally our ISP is managing the DNS for our domain, but internally
> our DNS servers are the authoritative source. The DNS servers are
> running on Solaris 2.6 (not sure of BIND version).
>
> My question is, what changes do I need to make to our NS boot files
> inorder that internal hostname resolution queries that are "outside" our
> domain are resolved by my ISP's name servers rather than the internal
> DNS servers.
>
> I have 400+ workstations, and would like to avoid changing the resolver
> entries on these machines.
>
> Apologies if this is a "common" question. Would appreciate reply via
> email if poss.
If you are using named.boot files, strongly suggest that you upgrade to
the current version - 8.2.2-P5, or soon, 9.*. Better. Stronger. In
the case of 9.*, faster.
You can have your main/root name server forward all unresolved queries
to the ISP's name server. In named.boot files, this was:
...
forwarders IPaddress1 IPaddress2 ...
slave
...
In named.conf files, this is:
...
options {
...
forwarders {
Ipaddress1;
IPaddress2;
};
forward only;
...
};
...
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list