Zone Delegation

David Botham DBotham at OptimusSolutions.com
Wed Feb 4 22:05:50 UTC 2004 

bind-users-bounce at isc.org wrote on 02/04/2004 04:14:19 PM:
> Hello,
> I would like to be able to setup BIND so that if it is asked for any
> records in a particular domain, it does not perform the lookup but asks
> another server that will have the records.  Currently, I have forwarding
> set to that "other" server for all requests, and it works fine for that
> "particular" domain I talked about above, BUT, all DNS requests are
> going to that "other" server as well.  Since these "other" servers are
> slow for general lookups, but required for that "particular" domain, I
> would like to setup BIND to work in the following manner:
> 
> Accept all requests

BIND does this out of the box, however, I think you probably already know 
that...

> If the lookup is for a domain it is master for, lookup and return to
> client

Once again, BIND does this out of the box.  It will always give an answer 
right back to the client if the name server is either master or slave for 
the zone data, or, the answer is in the name server's cache.


> If the lookup is for abc.com, ask this other server over our Intranet
> and return to client

Load abc.com as a zone of type "forward".  See the BIND Administrators 
Reference Manual (ARM) on use of the "zone" statement, in particular, how 
to load a zone as type "forward".  See also the modifiers for forwarding 
behavior like "forward only", etc... (remember that forward options within 
the zone statement override Global Options...)


> If the lookup is for any other domain, forward request to our LOCAL ISP
> (not over the Intranet)

I would let your name server perform normal resolution and not make it 
forward all queries to your ISP's nameserver(s).  What if your ISP moves 
their nameservers?  All of your name service resolution would drop off the 
face of the planet if your name servers were set up to forward... 
(depending on forwarding behavior modifiers).

However, if you really understand the implications of forwarding to your 
ISP's nameservers, look in the ARM under the global forward options.


Hope this helps.


Dave...


> 
> I hope that this will help speed up our DNS resolution.
> 
> Thanks,
> Chris
> 
>

More information about the bind-users mailing list