DNS on Linux Problem

tnaves at linkwest.net
Thu Feb 5 00:18:02 UTC 2004


Dave:

Thanks for the complete treatment.  It works great.  And yes, I do have
two dns servers.  I set these up on a couple of spare Linux boxes to learn
how to do it.

Thanks again.

Tom


On Wed, 4 Feb 2004, David Botham wrote:

> bind-users-bounce at isc.org wrote on 02/03/2004 11:53:54 AM:
> > My public dns is done by my ISP.  I set up an internal dns server on a
> > Redhat Linux ver 9 box.  I made the internal domain the same name as the
> > public domain name.  I can resolve all internal names that are in the
> > internal dns database.  Via "." hints file, I can resolve all public names
> > except my own public names.  I presume this is because my internal dns
> > server is "authoritative" for my domain and as a result, if the name is
> 
> The reason your name server does not see data in your domain that is 
> hosted on your ISP's name servers is due to the fact that your name server 
> has the zone loaded locally.  If your name server has the zone loaded 
> locally, it assumes that it is the only name server that has the zone 
> loaded and will therefore not look on any other name servers for data in 
> that zone.  Name servers are very narrow minded in this regard, and 
> rightfully so.
> 
> 
> What you need to do is configure your name server with a superset of the 
> data for your zone.  For example, you would want the following data in your 
> internal name server's zone data file for your domain:
> 
> 1.  An SOA RR for the zone.
> 2.  RR's of type A for all hosts on your internal network, specifying the 
> internal IP addresses for those hosts.
> 3.  RR's of type NS for your internal name servers (while we have 
> discussed only one here, you do have two internal nameservers, don't 
> you...)
> 4.  If you have a mail server inside your network, in addition to the A RR 
> from step 1 above, put an MX RR for it in the internal zone as well.
> 5.  RR's of type A for hosts that are in your domain, but, are hosted 
> outside your network, such as a colocated web server.  Here, you specify 
> the actual IP address of the web server as it exists on the Internet.
> 
> 
> Notice that your internal nameserver has "the most correct/complete" data 
> about your zone.  That way, when your internal clients query this name 
> server for data in your domain/zone, they get the right answer: Regardless 
> of whether that answer references an IP address on the local private 
> network for say the file server, or whether it refers them to an IP on the 
> Internet where your web server is located.  This (these) internal 
> nameserver combined with your ISP's nameservers (that host an external 
> version of your domain) is a classic implementation of a split dns.
> 
> 
> Hope this helps,
> 
> 
> Dave...
> 
> 
> > not in one of its zones, it does not go to the root servers.
> > 
> > I thought if I put a forwarder statement in the named.custom file, this is
> > the Linux way of doing it, I could resolve my public names using my ISP's
> > dns.  This just made it so the internal dns server would not work at all.
> > Have I done this incorrectly?  Any ideas will be welcome.
> > 
> > Regards,
> > 
> > Tom
> > 
> 
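
Added example (not part of the original thread): a small Python check for the split DNS setup Dave describes, listing names that the ISP-hosted zone serves but the internal copy of the zone cannot answer. The example.com zone data, the addresses and the function names are constructed for illustration, and the parser assumes a simplified zone file (one record per line, explicit owner, class IN, no TTL, no $ directives).

```python
# Added example: report records served by the external (ISP) zone that the
# internal authoritative copy lacks. All zone data is constructed.
ORIGIN = "example.com."

INTERNAL_ZONE = """\
@     IN SOA ns1.example.com. hostmaster.example.com. 2004020401 3600 900 604800 3600
@     IN NS  ns1.example.com.
@     IN NS  ns2.example.com.
@     IN MX  10 mail.example.com.
ns1   IN A   192.168.1.2
ns2   IN A   192.168.1.3
mail  IN A   192.168.1.10
files IN A   192.168.1.20
"""

EXTERNAL_ZONE = """\
@     IN SOA ns.isp.example. hostmaster.isp.example. 2004020101 3600 900 604800 3600
@     IN NS  ns.isp.example.
@     IN MX  10 mail.example.com.
mail  IN A   203.0.113.25
www   IN A   203.0.113.80
"""

def parse_zone(text, origin):
    """Return {(fqdn, rrtype): [rdata, ...]} for the simplified format
    described in the lead-in (assumption: owner, class, type, rdata per line)."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        owner, _cls, rrtype, rdata = line.split(None, 3)
        if owner == "@":
            fqdn = origin
        else:
            fqdn = owner if owner.endswith(".") else f"{owner}.{origin}"
        records.setdefault((fqdn.lower(), rrtype.upper()), []).append(rdata)
    return records

def missing_internally(internal, external, types=("A", "MX")):
    """(name, type) pairs the external zone answers but the internal one cannot."""
    return sorted(k for k in external if k[1] in types and k not in internal)

if __name__ == "__main__":
    internal = parse_zone(INTERNAL_ZONE, ORIGIN)
    external = parse_zone(EXTERNAL_ZONE, ORIGIN)
    for name, rrtype in missing_internally(internal, external):
        print(f"internal zone has no {rrtype} record for {name}")
```

Here the internal zone lacks the A record for the externally hosted www host, so internal clients would get no answer for it until that record is added with its Internet address.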

