conditional forwarding HELP?
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Fri Dec 5 22:00:58 UTC 2003
Thomas J. De Matteis <Thomas.DeMatteis at nasa.gov> wrote:
> I was told that with Ver 9 of bind that there is conditional forwarding
> available, but I just don't see it. Could one of you give me some pointers?
> Here's what I am faced with:
> My group is behind our own little firewall, for many years we have had our own
> DNS server as a primary behind the firewall to resolve the NATed IPs as well as
> external IPs. In this config if we wanted to resolve an IP address of a system
> that belongs to my company that it outside of the firewall the system would
> just do it via the root cache file.
> Now, my company put up their own firewall and they are migrating to a split
> DNS. This will break my ability to lookup the systems behind the company
> firewalls since my DNS server resolves their addresses from the root cache
> file thereby using my company's external DNS server. They will not allow my
> DNS server to be a slave to their inside DNS server so that things would still
> work.
> Currently my systems are say mysystems.foo.com and my company is foo.com.
> Where my company's systems are systemname.foo.com and the systems behind my
> firewall are systemname.mysystems.foo.com.
> So, given that my systems currently resolve the mysystems.foo.com domain and
> all external domain how do I trap the requests to my company's domain, foo.com,
> and resolve the name from my dns server by going to my company's internal dns
> server?
> Thanks in Advance!!!!
> Thomas:-???
See the 'arm-book' ( in case your vendor only shipped half-a-product
you can use :
http://www.ipsec.nu/dns/bind9/Bv9ARM.ch06.html#zone_statement_grammar
( skip down to "type forward" and follow the instructions.
Typically it goes :
zone foo.com {
type forward;
forwarders { xx.yy.zz.tt;};
};
> -----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
> http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
> -----== Over 100,000 Newsgroups - 19 Different Servers! =-----
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list