bind and dns forwarding

Kevin Darcy kcd at daimlerchrysler.com
Thu Aug 11 04:21:53 UTC 2005


tanzer.genc at gmail.com wrote:

>Hello all,
>I have 2 bind dns servers in my company. One of them (dns1) for internet
>and other one (dns2) for WAN requests. My all clients' and servers' dns
>settings; first dns dns2 and second dns dns1.
>I am looking from my firewall, my local dns is asking dns requests to
>internet dns servers. 
>
Wait, you said "Internet" and "WAN". Now you're introducing another 
category -- "local". Which DNS is that?

>I do not want to give access for my local dns for
>dns requests from internet.
>
Is your firewall not smart enough to distinguish between queries *from* 
the Internet and queries *to* the Internet?

>How can I configure my local dns to ask all of the dns requests only
>to my own internet dns?
>
Well, you can't really avoid talking to Internet DNS nameservers if you 
want to resolve Internet DNS names. If you have no interest in resolving 
Internet DNS names, why then would you call it an "internet DNS"? You 
can certainly define your own root zone, but it's not at all clear to me 
that that's what you want or need...

                                                                         
                                                                     - Kevin



