Reverse DNS delegation problem

Chittaranjan Mandal Chittaranjan.Mandal at iitkgp.ac.in
Tue Jun 29 13:00:02 UTC 2004


[Reply to message from "phn at icke-reklam.ipsec.nu" on Tuesday 29 Jun 2004 5:37 pm]

> >> Do you have forwarding enabled within the part of your named.conf you
> >> didn't show? Forwarding would override delegation. In order to cancel
> >> forwarding for the 10.in-addr.arpa hierarchy, you'd need to add
> >> "forwarders { };" to the apex zone definition.
> >
> > Thanks, your solution worked. But I would like queries that are not served by
> > my local name server to be actually forwarded to some other name server.
> > How can that be done? Note that this particular nameserver is in a local subnet
> > and cannot directly communicate with the external world.
>
> Why do you want to increase your vulnerability by forwarding? Does
> it give you any benefit?

I see only two options when I am behind a firewall and need to resolve public names.
One is forwarding and the other is using query-source (not sure how this works).

I could not get query-source working. I get the following error.
   ... could not get query source dispatcher (163.230.124.41#53)

Having to rely on forwarding, I am forced to do away with delegation,
since forwarding seems to enjoy precedence over delegation. I am
able to get my setup working the hard way, by making the dns server the
master or slave of each local zone.

I would appreciate being shown an easier option.

-Chitta
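
The arrangement discussed in this thread, as an added example that is not part of the original message: global forwarding stays on for public names, while the empty `forwarders { };` in the apex zone cancels it for the 10.in-addr.arpa hierarchy so that delegations are followed. The forwarder address 192.0.2.53, the zone file name `db.10` and the use of `forward only;` are assumptions made for illustration.

```conf
// named.conf fragment (constructed example, not the poster's configuration)

options {
    // Assumed upstream resolver that the local subnet can reach
    // (placeholder address from the documentation range).
    forwarders { 192.0.2.53; };

    // Assumption: because this server cannot talk to the external world,
    // it should never fall back to iterating from the root itself.
    forward only;
};

// Apex of the private reverse tree.
// The empty forwarders list overrides the global list for every name
// under 10.in-addr.arpa, so NS records in this zone that delegate child
// zones are followed instead of being overridden by forwarding.
zone "10.in-addr.arpa" {
    type master;
    file "db.10";        // hypothetical zone file holding the NS delegations
    forwarders { };
};
```

The name servers named in those delegations must be directly reachable from this server, because queries for the delegated child zones are no longer sent to the forwarder.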

