How to look up a domain NOT through root hints?

Kevin Darcy kcd at daimlerchrysler.com
Thu Feb 12 22:47:46 UTC 2004


Gabrie van Zanten wrote:

>Hi
>
>Internally we have two dns domains, one called xx.com and one called 
>xx.local. Each domain has its own administrators, they maintain their 
>own dns and do their own lookups on the internet using root hints.
>
>Of course, the systems from the xx.com can't find the systems from 
>xx.local, because they would try to look up xx.local through a root hint.
>
>What is the best way to tell the dns servers from xx.com that they can 
>ask DNS server x.x.x.x from xx.local to resolve the xx.local names, 
>instead of going to a root server?
>
>And of course, the whole thing is also vice versa.
>
>If possible I would like to avoid having to replicate zones or records 
>between the two.
>
You could use "type forward" zones for this, if you are *absolutely* 
dead set against replicating any records whatsoever (but you'd still 
have to hardcode the addresses of the nameservers into your named.conf, 
so what is it exactly that you're trying to achieve with your "no 
replication" rule?).

If you would relax your "no replication" rule a bit, then you could use 
"type stub" zones, which replicate NS and SOA records for the apex of 
each defined domain, yet work better in a wider variety of situations 
(e.g. if the other nameserver does not honor recursion but you need to 
get to subzones of the main zone which aren't hosted on the same 
server), or simply perform better (especially in the case of deep 
namespace hierarchies where "type stub" zones will have the effect of 
caching referral information for intermediate levels of the hierarchy, 
thus allowing future queries to take efficient "shortcuts" to get the data).

- Kevin
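
The two approaches from the reply above, written out as named.conf fragments; this is an added example, not part of the original message. The addresses 192.0.2.53 and 198.51.100.53 and the file path are placeholders, standing in for the "x.x.x.x" nameservers of xx.local and xx.com.

```conf
// --- named.conf on the xx.com servers: "type forward" for xx.local ---
// Nothing is replicated; only the address of the other side's server is
// hardcoded. Queries are sent as recursive queries, so the xx.local
// server must honor recursion for this client.
zone "xx.local" {
    type forward;
    // "forward only" stops named from falling back to the root hints
    // when the forwarder does not answer, so internal names are never
    // sent to the root servers. (The default is "forward first".)
    forward only;
    forwarders { 192.0.2.53; };      // placeholder: xx.local nameserver
};

// --- named.conf on the xx.local servers: "type stub" for xx.com ---
// Only the NS and SOA records at the zone apex are replicated. named
// then resolves names below xx.com iteratively from those NS records,
// so the other server does not need to honor recursion, and referrals
// to subzones hosted elsewhere are followed and cached.
zone "xx.com" {
    type stub;
    masters { 198.51.100.53; };      // placeholder: xx.com nameserver
    file "stub/xx.com.stub";         // placeholder path for the stub data
};
```

Either zone type can be used on either side; the split shown here is only so that each fragment is a valid configuration on its own. `named-checkconf` will verify the syntax before a reload.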




