DNS forwarders

Kevin Darcy kcd at daimlerchrysler.com
Fri Aug 18 22:57:10 UTC 2000


Company, Paul J. wrote:

> Can someone explain forwarders to me.
> I've read the O'Reilly book, and the archives and the man pages.
> I really think I understand it, but it's not working the way I'm
> interpreting the information.
>
> The way I understand it is, if a query comes in and you're not
> authoritative and you don't have the answer in your cache, then
> the query is forwarded to the list of forwarders in the list.

Yup, that's about right, except what I think you're missing is that
authoritativeness applies on a *zone* basis, not a name basis. So HOST A
and HOST B both consider themselves authoritative for the zone "plpt.com" and
therefore never forward to each other for names in that zone.

If you want to set up forwarding for a name *underneath* that zone, e.g.
hostb3.plpt.com, you'd have to add a zone definition just for that one name.
Ditto for all other names in the zone that you want to be forwarded. Blech.

Why don't you just merge all the data into one zone? Make either HOST A or HOST
B a slave to the other.


- Kevin

> -----Original Message-----
> From: Company, Paul J. [mailto:paul.company at unisys.com]
> Sent: Friday, August 18, 2000 12:51 AM
> To: bind-users at isc.org
> Subject: DNS forwarders
>
> I searched the archives and couldn't find an answer to my problem.
>
> I'm running BIND 8.2.1
>
> I want to delegate part of a class C address space (zone) to another
> authoritative server under the same domain (plpt.com).
> I don't want to subdomain. I just want all queries for a Class C address to
> be forwarded to the second master server after
> the first master server has a crack at it.
>
> I don't want to change all the clients' (mostly NT) DNS Search Orders (aka
> /etc/resolv.conf on UNIX),
> I'd like to use forwarders, but from what I've read:
>     "Forwarding occurs only on those queries for which the server
>      is not authoritative and does not have the answer in its cache."
>
> Well, I know how to flush the cache (ndc restart), but I am authoritative
> for the domain, so
> forwarders doesn't work.
>
> Is there a simple solution for what I want to do?
>
> EXAMPLE:
>
> HOST A: master for plpt.com (authoritative for this zone)
>               zone file contains hosta1 IN A 192.168.0.1, hosta2 IN A
> 192.168.0.2
>
> HOST B: master for plpt.com (authoritative for this zone)
>               zone file contains hostb3 IN A 192.168.0.3, hostb4 192.168.0.4
>
> HOST C: Regular client, with DNS search (/etc/resolv.conf) pointing to HOST
> A.
>
> If I nslookup hostb3 from HOST C, I want HOST A to forward this to HOST B
> and get an answer.
>
> Is this possible?
>
> thanks, pjc
>
>
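
The zone-based decision described in the reply, as an added example (not code from the thread or from BIND): a simplified model in which the server picks the closest enclosing configured zone and acts on that zone's type, never on whether the individual name exists. The names `closest_zone`, `decide`, `HOST_A` and `HOST_A_PER_NAME` are hypothetical, and "HOST B" stands in for a forwarder address the thread does not give.

```python
# Simplified model of the per-zone decision; not BIND's implementation.
# Zone contents are the ones given in the thread's example.

def closest_zone(qname, zones):
    """Return the configured zone that is the longest suffix of qname."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def decide(qname, zones, has_forwarders=True):
    """Return (action, detail) for a query arriving at this server."""
    zone = closest_zone(qname, zones)
    if zone is None:
        # No enclosing zone configured here: the global forwarders apply.
        if has_forwarders:
            return ("forward", "global forwarders")
        return ("recurse", None)
    kind, data = zones[zone]
    if kind == "forward":
        # A zone definition of its own, even for a single name, is matched
        # before the broader authoritative zone.
        return ("forward", data)
    # Authoritative (master or slave): answer from zone data, never forward.
    name = qname.lower().rstrip(".")
    if name in data:
        return ("answer", data[name])
    return ("nxdomain", zone)

# HOST A as configured in the original question.
HOST_A = {
    "plpt.com": ("master", {
        "hosta1.plpt.com": "192.168.0.1",
        "hosta2.plpt.com": "192.168.0.2",
    }),
}

# HOST A with one extra zone definition just for hostb3, as the reply suggests.
HOST_A_PER_NAME = dict(HOST_A)
HOST_A_PER_NAME["hostb3.plpt.com"] = ("forward", "HOST B")

if __name__ == "__main__":
    for name in ("hosta1.plpt.com", "hostb3.plpt.com", "hostb4.plpt.com"):
        print(name, decide(name, HOST_A), decide(name, HOST_A_PER_NAME))
```

With the per-name definition only hostb3 is forwarded; hostb4 still gets a negative answer from HOST A's own zone data, which is why every forwarded name would need its own zone definition.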





