query-source
Joseph S D Yao
jsdy at cospo.osis.gov
Tue Dec 12 18:31:12 UTC 2000
On Tue, Dec 12, 2000 at 12:25:48PM -0600, Tony Johnson wrote:
> Thanks. Yes I have a firewall with internal records and want to be
> forwarded external records. I get that invalid argument error when I change
> my query source on the firewall and point it to my primary dns server. Yes
> , I have the forwarders setp on the firewall dns but it appears the
> forwarders line is being ignored as I have tested this with the forward only
> option on and forwarders being my primary and secondary name servers. If I
> change resolv.conf and user the primary nameserver, I will have all the
> external dns I want, just no internal records, such as an internal mail
> server.
You do NOT get forwarded anything. EVER.
Read what I said.
Ditch "query-source". You are using it completely incorrectly.
The "forwarders" line forwards QUERIES. It must be in your INTERNAL
name server. It must be pointing TO your FIREWALL.
The "forwarders" line must NOT be in your firewall, if your firewall
has an interface to the public Internet.
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list