forward problem

Trixter aka Bret McDanel trixter at 0xdecafbad.com
Sun Oct 26 06:28:59 UTC 2008 

I have been asked basically to provide a "sitefinder" like service for
some people so they have something other than the default browser 404
page.  I am fully aware of the problems this can cause, however in this
limited environment it wont be a problem, but I am finding that the
forward options do not appear to be working as advertised (at least what
I have read).  As such I would request that the discussions related to
the political side of this issue be ignored for this thread, I know its
a charged issue, but I also dont operate a root server, or really
anything outside of a small office of people who wanted this, as I am
the "goto volunteer" the task fell to me.

I have tried both forwarding to my local bind via a different view, as
well as to a 3rd party DNS server (ISPs) and neither appear to be
working.  I have tried placing the forward/forwarders options both in
the main options{} section as well as in the view that really needs it,
both failed.  

When I use the localhost view it works as one would expect, when I use
the internal view I get only the wildcard data.  I verified with tcpdump
and setting to the ISP NS that it does not send any packets out to
'forward' the request.

So my question is why does "forward first" not forward first then check
the root zone, why does it go directly to the root zone and not even
attempt to forward first?  Its either a broken (as I understand it)
feature or my config is bad.

Or is there some other way to basically remap a NXDOMAIN to something
else short of either a proxy, code hack, or something else that I would
prefer to avoid if it can be done via the configs.


Thanks,



Here is what I am doing (which doesnt forward):

options {
        forward first;
        forwarders { 127.0.0.1; }; // also tried the ISP NS
        // I also tried putting these in the view and the zone
        // and neither had the desired effect      
};

acl "internal" { 192.168.0.0/16; 10.0.0.0/8; 172.16.0.0/20; };
view "internal" {
	match-clients { "internal"; };
	recursion yes; // out of desperation
	zone "." { type master; file "wildcard";   };
}

view "localhost" {
	match-clients { localhost; }
	forwarders {};
	zone "." {type hint; file "db.root"; };
}

-- 
Trixter http://www.0xdecafbad.com     Bret McDanel
Belfast +44 28 9099 6461        US +1 516 687 5200
http://www.trxtel.com the phone company that pays you!

More information about the bind-users mailing list