Multiple DNS Forwards

Kevin Darcy kcd at daimlerchrysler.com
Wed May 24 20:31:57 UTC 2000 

It could be that 158.138.120.22 is authoritative for "partner.com" but
*not* "hal.us.partnerco.com", and has recursion turned off. What happens if
you just point a command-line utility like "dig" at 158.138.120.22 and try to
resolve those names? Is the RA (Recursion Available) bit set on the
response? Maybe you need to ask your partner what server you should be using
to resolve the names.


- Kevin

Dave Walsh wrote:

> Below is the content of my original question and the answer (from the BIND
> archives). Your solution worked great. However, our partner company has now
> expanded or decentralized and they also have more than just partner.com
> names to resolve. They now have hal.us.partnerco.com. I tried putting in
> another entry in my named.conf, but it doesn't seem to resolve hosts in
> hal.us.partnerco.com, but partner.com does still work.
>
> Any ideas?
>
> TIA
>
> Dave
>
> EXAMPLE: named.conf
>
> =====================
>
> options {
>
> directory "/var/named";
>
> forwarders { 227.252.18.10; };
>
> forward only;
>
> query-source address * port 53;
>
> };
>
> zone "0.0.127.IN-ADDR.ARPA" in {
>
> type master;
>
> file "db.127.0.0";
>
> notify no;
>
> };
>
> zone "mycompany.ca" in {
>
> type master;
>
> file "db.mycompany";
>
> };
>
> ** NOTE: I CAN RESOLVE HOSTS IN PARTNER.COM
>
> zone "partner.com" {
>
> type forward;
>
> forward only;
>
> forwarders { 158.138.120.22; }
>
> }
>
> ** NOTE: I CAN'T RESOLVE HOSTS IN HAL.US.PARTNERCO.COM
>
> zone "hal.us.partnerco.com" {
>
> type forward;
>
> forward only;
>
> forwarders { 158.138.120.22; }
>
> }
>
> zone "57.168.192.IN-ADDR.ARPA" in {
>
> type master;
>
> file "db.192.168.57";
>
> };
>
> zone "0.1.10.IN-ADDR.ARPA" in {
>
> type master;
>
> file "db.10.1.0";
>
> };
>
> zone "0.30.10.IN-ADDR.ARPA" in {
>
> type master;
>
> file "db.10.30.0";
>
> };
>
> zone "148.208.198.IN-ADDR.ARPA" in {
>
> type master;
>
> file "db.198.208.1481";
>
> };
>
> // zone "." in {
>
> // type hint;
>
> // file "db.cache";
>
> // };
>
> END NAMED.CONF
>
> ORIGINAL CORRESPONDENCE
>
> There is really no such thing as "conditional" forwarding in BIND 8. There
>
> is, however, "selective" forwarding. The difference is more than semantic:
>
> selective forwarding works *unconditionally*, i.e. has no relation to
>
> events or state, but is specified on a zone-by-zone basis, i.e. all queries
>
> in a specific zone X should be forwarded to a specific set of servers Y, Z,
>
> etc.. In your case, you'd set up a zone of type "forward" for your business
>
> partner's domain, let's call it "partner.com". And also in the zone
>
> definition you'd specify "forward only" and a "forwarders" clause
>
> containing the addresses of the partner's nameservers. So it would look
>
> something like:
>
> zone "partner.com" {
>
> type forward;
>
> forward only;
>
> forwarders { x.x.x.x; y.y.y.y; };
>
> }
>
> In your situation, selective forwarding would probably be better than
>
> conditional forwarding anyway, which would waste time and resources sending
>
> queries to the wrong places.
>
> A couple of other alternatives to consider, depending on your performance
>
> characteristics and/or requirements, or redundancy requirements, would
>
> include stub or slave zones.
>
> - Kevin
>
> Dave_Walsh wrote:
>
> > We are a satellite organization of our parent organization. At present,
>
> >
>
> > all of our Win95 PCs point to my local DNS server with a forward
>
> > statement
>
> > to our parent organization's DNS server for name resolution. In other
>
> > words, anything not resolved locally, will be forwarded to our corporate
>
> >
>
> > head office (where our Internet access is also). We've recently
>
> > acquired a
>
> > project with a business partner that requires only our location to have
>
> > access to the partner's DNS server so I can resolve names in their name
>
> > space.
>
> >
>
> > What's the best approach to accomodate all my needs? I must be able to
>
> > resolve local IP names, corporate names in the corporate WAN, Internet
>
> > names (via corporate) & the names at our new business partner. Can I
>
> > put on a second
>
> > forwarder statement on my local DNS server that will effectively say,
>
> > "if
>
> > you can't resolve it yourself, try the corporate DNS, if you can't
>
> > resolve
>
> > it there, try the partner DNS?".
>
> >
>
> > Mr. DNS says that conditional forwarding of BIND 8.2 will do it. I'm
>
> > pretty new to DNS. Can someone please advise.
>
> >
>
> > TIA
>
> >
>
> > Dave
>
> >
>
> > -- Binary/unsupported file stripped by Listar --
>
> > -- Type: text/x-vcard
>
> > -- File: Dave_J_Walsh.vcf
>
> > -- Desc: Card for Dave_Walsh

More information about the bind-users mailing list