forwarders

Joseph S D Yao jsdy at cospo.osis.gov
Fri Mar 31 20:49:31 UTC 2000 

On Fri, Mar 31, 2000 at 01:27:03PM -0600, Jay C Austad wrote:
> Is there a way to set up our internal dns server (that thinks it's authoritative for foo.com), query another nameserver for the address if it doesn't have it?
> 
> Say a user requests www.foo.com, which doesn't have an internal ip, so it's not in the internal dns, can the DNS server go look somewhere else (i.e. the external DNS server)  for it and return it to the user?

NO.

Sorry, this has been asked so many times ...

An authoritative server is just that.  Authoritative.  It is the
authority, THE authority, the AUTHORITY, the server that knows
EVERYTHING there is to know about the domain.  There is no such thing
as a fractional authority.  It is ALL or NOTHING.

The logical extension of this is that, once you have asked the
Authoritative Server about the name, there is no need to ask anybody
else.  The Authoritative Server knows all, tells all.  If it doesn't
know, then there is nothing to know.  It is Authoritative.

The alternative would be to have a domain with, say, thirteen servers,
any three of which may be out of commission at any given time, wait to
query ALL of them for ANY hint of ANY possible information about a
name.  Sort of like, Mommy said no, let's wait for Daddy to get up and
then we'll ask him, and if we don't like the answer, we'll peddle over
to Grandpa's house and wait for HIM to get up and ask him.  There isn't
enough time in the world to do it this way.  ;-)

Your alternatives, in your case:

(1) make sure that the internal name server replicates all information
from the external name server.  This has to be done manually, or with
something that you write, so as not to lose internal DNS information.
This may be a pain, if you have large groups of hosts both places.
(2) make inside and outside two separate domains, possibly one being a
subdomain of the other.

-- 
Joe Yao				jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support					EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.

More information about the bind-users mailing list