Can Bind forward requests from within an authoritative domain?

Eric B. ebenze at hotmail.com
Tue Apr 17 02:11:57 UTC 2007


Thanks for the tips.  Will probably use the include file technique in that case.

Thanks!

Eric

"Kevin Darcy" <kcd at daimlerchrysler.com> wrote in message 
news:4623E579.1080809 at daimlerchrysler.com...
Jon Reynolds wrote:
> Eric B. wrote:
>
>> Hi,
>>
>> Maybe I am going about this the wrong way, so any help/advice you can give
>> me would be greatly appreciated.
>>
>> I currently have an external DNS with all my typical DNS entries (mail, www,
>> ftp, etc...) for my domain (ex: domain.com).  I am now in the process of
>> setting up an internal DNS for all my internal machines (we've been
>> connecting to machines using IPs until now). What I would ideally like to do
>> is create my internal dns in such a way that if it receives a request for a
>> name that it can't resolve, that it would query the external dns for the
>> hostname.
>>
>> So for instance, if my domain is domain.com, my external dns would resolve:
>> ftp.domain.com, mail.domain.com, www.domain.com.
>> My internal dns would resolve my internal machine names:
>> chocolate.domain.com, vanilla.domain.com, rockyroad.domain.com
>> I would rather not have to duplicate all the entries from the external dns
>> onto the internal dns, but would like to be able to query the internal DNS
>> for ftp.domain.com and have it resolved.
>>
>> Is something like this possible?  I've tried playing around with the forward
>> & recursive options, but can't seem to get it to work.  I set the internal
>> dns as type master for domain.com, so I am assuming that it won't
>> recurse/forward any missing requests to other machines if it fails.
>>
>> Am I on the wrong track?  Is there a way to get this to work?
>>
>> Thanks for any advice!
>>
>> Eric
>>
>
>
> You might want to check out 'views'. This allows you to create one DNS
> server with an internal and external "view".
>
>
That gets you out of having to run separate boxes for internal versus
external, or separate instances running on different network interfaces
(virtual or physical) on the same box, but it *doesn't* remove the
requirement to duplicate the external entries in the internal version of
the relevant zone(s). It's always possible to put the "common" entries
in an $INCLUDE file, of course, which would be shared by both the
internal and external versions of the zone, just be sure to increment
the SOA for both versions of the zone, whenever the contents of the
$INCLUDE file change.


                  - Kevin
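
The layout discussed in this thread (two views of domain.com sharing one $INCLUDE file), as an added example that is not part of the original messages. Hostnames come from Eric's question; the file names, the ns1 and hostmaster names, all addresses, the ACL range and the serial are constructed for illustration.

```conf
// ---- named.conf (fragment) ----
acl "internal-nets" { 127.0.0.1; 192.168.1.0/24; };   // constructed range

view "internal" {
    match-clients { "internal-nets"; };   // first matching view wins
    recursion yes;                        // internal clients may resolve other domains
    zone "domain.com" {
        type master;
        file "db.domain.com.internal";
    };
};

view "external" {
    match-clients { any; };
    recursion no;                         // authoritative answers only for outsiders
    zone "domain.com" {
        type master;
        file "db.domain.com.external";
    };
};

; ---- db.domain.com.internal ----
$TTL 3600
@   IN SOA ns1.domain.com. hostmaster.domain.com. (
        2007041701 ; serial: bump when this file OR db.domain.com.common changes
        3600 900 604800 3600 )
    IN NS ns1.domain.com.
ns1        IN A 192.168.1.2
chocolate  IN A 192.168.1.10   ; internal-only names never appear in the external file
vanilla    IN A 192.168.1.11
rockyroad  IN A 192.168.1.12
$INCLUDE db.domain.com.common

; ---- db.domain.com.external ----
$TTL 3600
@   IN SOA ns1.domain.com. hostmaster.domain.com. (
        2007041701 ; serial: bump when this file OR db.domain.com.common changes
        3600 900 604800 3600 )
    IN NS ns1.domain.com.
ns1  IN A 192.0.2.2
$INCLUDE db.domain.com.common

; ---- db.domain.com.common (shared by both versions of the zone) ----
mail IN A 192.0.2.10
www  IN A 192.0.2.11
ftp  IN A 192.0.2.12
```

Running `named-checkzone domain.com db.domain.com.internal` (and the same for the external file) parses each zone together with the included file before a reload.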







