Forwarding for authoritative domain.

Terpasaur emery.rudolph at gmail.com
Tue Apr 22 13:51:44 UTC 2008


On Apr 21, 1:09 am, Barry Margolin <bar... at alum.mit.edu> wrote:
> In article <fudo01$1h4... at sf1.isc.org>,
>  Terpasaur <emery.rudo... at gmail.com> wrote:
> > Hello,
>
> > Please pardon me if this appears multiple times. It was originally
> > blocked. :-)
>
> > Here is my dilemma.
>
> > I have a master BIND server (9.2.4) at location 1. I am creating an
> > external slave and internal master at location 2. The master zone file
> > in the internal nameserver at location 2 is the same domain name as
> > the external nameservers, but holds the non-routable private
> > addresses. My problem is that because the master zone has the same
> > zone domain name as the external nameservers, it will never query the
> > external servers for resources that only exist in the external DNS,
> > thus it is not able to resolve the external names.
>
> > As you know, you cannot place a forwarders option in a master zone,
> > because it will not attempt to forward for addresses it is
> > authoritative for. My question is if anyone has any ideas of a
> > workaround other than moving the internal DNS to a different domain
> > name???
>
> 1. Duplicate the public records in the internal zone.
>
> 2. Delegate the public names in the internal zone, e.g.
>
> www IN NS external-ns.company.com.
>
> --
> Barry Margolin, bar... at alum.mit.edu
> Arlington, MA
> *** PLEASE don't copy me on replies, I'll read them in the group ***

    Barry - Thanks for replying,

    In consideration for your first point, which I also considered, but
    ultimately dismissed because of the following.

    The internal zone and external zone use the same domain name, except
    the internal resources will cover internal disaster recovery resources
    while the external zone covers the mail business resources.

    e.g.

    External
    -------------------------------------------------------------
    zone "university.edu" {
          type slave;
          file "/maps/master/db.university.edu";
          masters { ns1.university.edu; };
    };
    --------------------------------------------------------------

    Internal
    -------------------------------------------------------------
    zone "university.edu" {
          type master;
          file "/maps/master/db.university.edu";
    };
    --------------------------------------------------------------

    Because we are using the same domain name for both internal and
    external, I will not be able to load the public records into the
    internal zone unless I create one large data file with all of the
    internal and external resources, which is something that seems
    unreasonable because I need to keep the internal/external resources
    totally separate.

    It seems that because both zones have the same domain name, there is
    no way for the internal zone to query for the same domain name
    externally while keeping the actual data totally separate and unique,
    unless I make a super domain file with everything internal/external
    included or make the internal domain name unique.

    Am I misunderstanding BIND's capabilities?
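
An added example, not part of the original thread: a Python sketch of option 2 from the quoted reply, which finds names that exist only in the external zone and emits NS delegations for them so the internal zone file keeps holding only internal data. The record data is constructed, the function names are hypothetical, and `external-ns.company.com.` is the name server name used in the reply.

```python
# Added example: plan option-2 delegations for a split-horizon zone.
# All record data is constructed sample input; function names are hypothetical.
ORIGIN = "university.edu."
EXTERNAL_NS = "external-ns.company.com."  # name used in the quoted reply

# (owner, type, rdata) tuples, constructed for illustration
EXTERNAL = [
    ("@", "MX", "10 mail"),
    ("www", "A", "192.0.2.10"),
    ("static.www", "A", "192.0.2.11"),
    ("mail", "A", "192.0.2.25"),
    ("vpn", "A", "192.0.2.40"),
]
INTERNAL = [
    ("dr-db1", "A", "10.20.0.11"),
    ("dr-app1", "A", "10.20.0.21"),
    ("vpn", "A", "10.20.0.40"),
]

def fqdn(owner, origin=ORIGIN):
    """Expand a zone-file owner name to a lowercase absolute name."""
    owner = owner.lower()
    if owner == "@":
        return origin
    return owner if owner.endswith(".") else f"{owner}.{origin}"

def plan_delegations(external, internal, origin=ORIGIN):
    """Return (cuts, skipped): names to delegate and names that cannot be."""
    internal_names = {fqdn(o, origin) for o, _, _ in internal}
    candidates, skipped = set(), {}
    for owner, _, _ in external:
        name = fqdn(owner, origin)
        if name == origin:
            skipped[name] = "zone apex cannot be delegated"
        elif any(n == name or n.endswith("." + name) for n in internal_names):
            skipped[name] = "internal data at or below this name"
        else:
            candidates.add(name)
    # A delegation covers its whole subtree, so keep only the topmost cuts.
    cuts = [n for n in candidates
            if not any(n.endswith("." + p) for p in candidates)]
    return sorted(cuts), skipped

def render(cuts, ns=EXTERNAL_NS):
    """Format the delegations as zone-file lines for the internal zone."""
    return [f"{name} IN NS {ns}" for name in cuts]

if __name__ == "__main__":
    cuts, skipped = plan_delegations(EXTERNAL, INTERNAL)
    print("\n".join(render(cuts)))
    for name, why in sorted(skipped.items()):
        print(f"; not delegated: {name} ({why})")
```

Names reported as skipped (the apex records, or a name that also carries internal data) cannot be handled by delegation and fall back to option 1, duplicating just those records in the internal zone.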
