pure DNS forwarder

Vasiliy Baranov Vasiliy.Baranov at Sun.COM
Fri Jan 25 14:23:40 UTC 2008


Barry Margolin wrote:
> In article <fnce4r$2c9f$1 at sf1.isc.org>,
>  Vasiliy Baranov <Vasiliy.Baranov at Sun.COM> wrote:
>   
>> Dear BIND gurus,
>>
>> By any chance, is it somehow possible to configure BIND as a pure 
>> forwarder like this:
>>
>> options {
>>         directory "/var/named";
>>         forwarders { <another server>; };
>>         forward only;
>> };
>>
>> // END OF /etc/named.conf
>>
>> and so that it will not clear the AA (Authoritative Answer) flag in 
>> responses from <another server> that have the AA flag set?
>>
>> I understand this is odd but anyways?
>>     
>
> Sounds like you're asking for a DNS proxy rather than a DNS server.
>   

Yes, although people often use the term DNS proxy when referring to 
something serving ordinary clients so the AA flag isn't important. In my 
situation it is desirable for the proxy to be indistinguishable from 
<another server> by the AA flag.

>   
>> Actually, I think even DNS-agnostic redirection would do the trick for 
>> me, but cannot find a reliable readily available solution for both TCP 
>> and UDP. Any ideas?
>>     
>
> I don't think there's a way to force it to retain the AA flag.  If you 
> just want to prevent it from caching, you could use the max-cache-ttl 
> and max-ncache-ttl options, setting them very low.

Yes, I also want to prevent it from caching but making it appear as 
<another server> is more important for now.

Thank you,
Vasiliy
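
An added example, not part of the original thread, of the DNS-agnostic redirection for both TCP and UDP asked about above: the relay copies each message byte for byte and never parses, rewrites or caches it, so the AA flag arrives as <another server> set it. The function names, the listener 127.0.0.1:5353 and the upstream 192.0.2.53 are assumptions.

```python
import socket, socketserver, threading

def has_aa(msg: bytes) -> bool:
    """True if a raw DNS message has AA set (mask 0x04 of header byte 2)."""
    return len(msg) >= 12 and bool(msg[2] & 0x04)

def read_framed(sock) -> bytes:
    """Read one TCP DNS message, keeping its 2-byte length prefix."""
    buf = b""
    while len(buf) < 2 or len(buf) < 2 + int.from_bytes(buf[:2], "big"):
        want = 2 if len(buf) < 2 else 2 + int.from_bytes(buf[:2], "big")
        chunk = sock.recv(want - len(buf))
        if not chunk:
            raise ConnectionError("peer closed")
        buf += chunk
    return buf

def make_relay(listen, upstream, timeout=3.0):
    """Build (udp_server, tcp_server) that copy DNS bytes to and from upstream."""
    class UDPHandler(socketserver.BaseRequestHandler):
        def handle(self):
            query, sock = self.request
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as up:
                up.settimeout(timeout)
                try:
                    up.connect(upstream)  # connected: datagrams from other sources are dropped
                    up.send(query)
                    sock.sendto(up.recv(65535), self.client_address)
                except OSError:
                    pass  # nothing relayed; the client retries on its own timer
    class TCPHandler(socketserver.BaseRequestHandler):
        def handle(self):
            try:
                self.request.settimeout(timeout)
                with socket.create_connection(upstream, timeout=timeout) as up:
                    while True:  # lock-step: one query, then one response
                        up.sendall(read_framed(self.request))
                        self.request.sendall(read_framed(up))
            except OSError:
                pass  # either side closed or timed out
    udp = socketserver.ThreadingUDPServer(listen, UDPHandler)
    tcp = socketserver.ThreadingTCPServer(listen, TCPHandler)
    udp.daemon_threads = tcp.daemon_threads = True
    return udp, tcp

if __name__ == "__main__":
    udp, tcp = make_relay(("127.0.0.1", 5353), ("192.0.2.53", 53))  # placeholders
    threading.Thread(target=udp.serve_forever, daemon=True).start()
    tcp.serve_forever()
```

The TCP side relays one response per query, so multi-message responses such as zone transfers do not pass through it. The upstream sees the relay's address as the source of every query, and anyone who can reach the listener can query the upstream through it, so bind it only where the intended clients are.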



More information about the bind-users mailing list