Combined master + forward zone

[Chris Buxton]

On Apr 19, 2009, at 8:06 AM, Petteri Heinonen wrote:

> Hello all. I have been struggling with a seeming simple Bind related  
> problem. My main goal would be to have dynamically added RRs served  
> by different server than the normal statically configured RRs.  
> Essentially, the zone's RRs would be divided on two Bind servers.  
> Here is the setup I would like to achieve:
>
> - Primary master for our zone, serving the statically configured DNS  
> entries. This server would not be used directly by the clients. This  
> server would not accept DDNS update requests either.
> - Second server for the same zone as the first one. This server  
> would then accept DDNS update requests, and store the entries for  
> those locally.
>
> Now, upon a normal DNS query, the second server would need to work  
> as follows:
>
> 1. Check if the name queries exists locally. If yes (in the case the  
> name has been dynamically added), send the response to the client.
> 2. If not, forward the query to Primary master of the zone.
> 3. If not found there either, response with NXDOMAIN.

Can't be done. A server's authority for a zone is either true or  
false, not "maybe".

What you could do would be to move the dynamic entries into a subzone:

- Primary master server for your zone has the zone itself, plus a  
delegation of a subzone (something like "dyn.your.zone.") pointing to  
the second server.

- Second server, primary master for the subzone, would accept dynamic  
updates and store them locally.

To answer queries:

1. Check if the name exists locally, in the subzone. If yes, send the  
response to the client.

2. Recurse normally. There might be a stub zone configuration to point  
upstream to server 1, but this may not be necessary.

Chris Buxton
Professional Services
Men & Mice