Overload some records for intern use

Johan VAN RYSEGHEM johan at websiteburo.com
Fri Nov 13 14:39:38 UTC 2009 

Thomas Harold a écrit :
> On 11/13/2009 6:44 AM, Jonathan Petersson wrote:
>> Someone correct me if I'm wrong but using BIND you must have the full
>> zone, partial forwarding/proxying isn't built in so you would need to
>> download the zone and replace the data you need to change.
>>
>
> If all you want to do is change an A record (served from an external 
> zone) to a different internal IP address, then it's doable with BIND.
>
> For example, if I want to redirect svn.example.org to the internal IP 
> address rather then the public IP address, I add the following zone 
> file (called "svn.example.org" in my setup):
>
> $ORIGIN .
> $TTL 600        ; 10 minutes
> svn.example.com        IN SOA  fw.internal.example.org. 
> dns.example.com. (
>                                 2007052665 ; serial
>                                 3600       ; refresh (1 hour)
>                                 900        ; retry (15 minutes)
>                                 7200       ; expire (2 hours)
>                                 3600       ; minimum (1 hour)
>                                 )
>                         NS      fw.internal.example.org.
> $ORIGIN svn.example.com.
>                         A       192.168.0.9
>
> So for clients inside the LAN who talk to this DNS server and ask for 
> "svn.example.com" will get the 192.168.0.9 address.  Clients outside 
> the LAN or who don't use the DNS server will get the public IP address 
> from the public DNS records.
>
> I don't recall offhand if there's more to it, it's been a year or more 
> since I setup that record.  Basically you're adding a local private 
> zone that is named the same as the DNS record that you're overloading 
> and telling BIND to pretend that it is authoritative for that record.
I thought I tried this. I retried and guess what, it worked. Seems like 
my original setup was wrong. I must have misused the $ORIGIN keyword. 
Nonetheless, I think i'm going to keep pdnsd, as it's easier to setup 
for the my use.

Thanks a lot !

Johan

-- 
Johan VAN RYSEGHEM - Développeur RIAS
Websiteburo | Agence Media Interactive | Bordeaux/Paris
johan.van.ryseghem at websiteburo.com : 06.77.88.51.60 - Fixe : 05.47.74.74.20
http://www.websiteburo.com

More information about the bind-users mailing list