Bind recursion
Barry Margolin
barmar at alum.mit.edu
Tue Apr 22 01:09:38 UTC 2008
In article <fuj9t6$p6a$1 at sf1.isc.org>, Ghworg at gmail.com wrote:
> I've tried to find an answer to this, but I doesn't seem to be
> anywhere. Basically, I'm setting up two views - internal and external.
> Internal is for my internal clients, with full zone views, and
> recursion on. External, is for Internet users, has only my external
> hosts, with no recursion. I have one small problem....In one of my
> zones, I have a subdomain that is delegated out to a load balancer
> that I have on site. Here is an example....
>
> zone.com - ns1 handles
> lb.zone.com - load balancer handles
>
> So, a query for server1.lb.zone.com, would go to ns1, then get
> delegated to the load balancer, but this does not work unless I turn
> on recursion. I've tried forwarders, and creating master zones with
> the load balancer NS records, and a couple of other things. Nothing
> seems to work. If I point an external machine to ns1, it always fails,
> without recursion.
>
> Is there any way get get this scenario to work, without allowing
> recursion on the outside?
Can external users query the load balancer directly?
I'm not sure how turning on recursion could help. Remote caching
servers don't have the Recursion Desired flag in their queries, so
you'll never recurse for those lookups.
My guess is that you were testing this by doing "dig server1.lb.zone.com
@yourserver". This won't work because dig doesn't act like a caching
server, it doesn't follow NS records. You need to test by querying an
outside caching server.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list