delegating subname.localdomain to 127.0.0.2 on the client machine?

Barry Margolin barmar at alum.mit.edu
Sun Apr 25 17:27:30 UTC 2010


In article <mailman.1259.1272073959.21153.bind-users at lists.isc.org>,
 Mark Hedges <hedges at scriptdolphin.com> wrote:

> On Wed, 21 Apr 2010, Barry Margolin wrote:
> > >
> > > The scenario is a farm of sendmail + RBL servers that
> > > have independent management and databases, but a single
> > > bind server.  Sendmail etc. would do a lookup of
> > > 78.56.34.12.rbl.localdomain and it would look at
> > > localhost on 127.0.0.2, where the local RBL service
> > > listens.
> >
> > You need to run a caching nameserver on the sendmail
> > machines, and point them to 127.0.0.1 in /etc/resolv.conf.
> > The stub resolver doesn't follow delegations, it sends
> > recursive queries and expects the server to do all the
> > work.
> 
> Actually this is not working still.  Am I wasting my time?
> 
> rbldnsd listens on 127.0.0.2 and answers right when queried
> directly for something like
> 1.139.214.85.countries.rbl.localdomain.
> 
> named listens on 127.0.0.1, set in /etc/resolv.conf, and
> answers all other queries correctly, including
> 'horta.localdomain' set up in example below, so I know it is
> reading in the zone file.
> 
> However, named will not delegate *.rbl.localdomain zones,
> and gives NXDOMAIN.  Help?  Thanks --mark--

You have an out-of-zone A record for rbl.localdomain.  That may be 
causing an error when loading the zone file.

> 
> // named.conf
> acl "localdomain" {
>     127.0.0.0/8;
> };
> options {
>     listen-on port 53 { 127.0.0.1; };
>     // listen-on-v6 port 53 { ::1; };
>     directory   "/var/named";
>     dump-file   "/var/named/data/cache_dump.db";
>     statistics-file "/var/named/data/named_stats.txt";
>     memstatistics-file "/var/named/data/named_mem_stats.txt";
> 
>     // Those options should be used carefully because they disable port
>     // randomization
>     // query-source    port 53;
>     // query-source-v6 port 53;
> 
>     // our nameservers...
>     forwarders { 192.168.9.86; 192.168.9.35; };
>     allow-transfer      { localdomain; };
>     allow-recursion     { localdomain; };
>     allow-query         { localdomain; };
>     allow-query-cache   { localdomain; };
> };
> logging {
>     channel default_debug {
>         file "data/named.run";
>         severity debug;
>     };
> };
> view localhost_resolver {
>     match-clients      { localdomain; };
>     match-destinations { localdomain; };
>     recursion yes;
>     include "/etc/named.rfc1912.zones";
> };
> 
> // named.rfc1912.zones excerpt:
> zone "localdomain" IN {
>     type master;
>     file "localdomain.zone";
>     allow-update { none; };
> };
> 
> 
> # localdomain.zone
> $TTL    900
> @       IN SOA  localhost root (
>                     2010042302      ; serial
>                     5m      ; refresh
>                     5m      ; retry
>                     30m     ; expiry
>                     5m      ; minimum cache
>                     )
>             IN NS       localhost.localdomain.
>             IN NS       rbldnsd.localdomain.
> 
> localhost   IN A        127.0.0.1
> 
> horta IN A 127.0.0.3
> 
> ; delegate rbl zones to rbl localhost ip.
> ; rbl listens on 127.0.0.2 so this does not cause a lookup loop.
> rbldnsd                 IN A        127.0.0.2
> rbl.localdomain.        IN NS       rbldnsd.localdomain.
> rbl.localdomain.        IN A        127.0.0.2

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
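
Added example (not part of the original post, and not BIND's own logic): a small Python check for the kind of record the reply points at, meaning non-NS, non-glue data at or below a delegated name such as rbl.localdomain, which belongs to the child zone rather than the parent. The parser is a simplified assumption (no $ORIGIN/$INCLUDE, no quoted strings), the function names are hypothetical, and the sample zone is trimmed from the quoted file.

```python
import re

# Constructed sample: trimmed from the localdomain.zone quoted in the post.
SAMPLE_ZONE = """\
$TTL    900
@       IN SOA  localhost root (
                    2010042302 5m 5m 30m 5m )
            IN NS       localhost.localdomain.
localhost   IN A        127.0.0.1
rbldnsd                 IN A        127.0.0.2
rbl.localdomain.        IN NS       rbldnsd.localdomain.
rbl.localdomain.        IN A        127.0.0.2
"""
TYPES = {"SOA", "NS", "A", "AAAA", "MX", "CNAME", "TXT", "PTR"}

def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def parse_zone(text, origin):
    """Yield (owner, rrtype, rdata) from a simple master file."""
    text = re.sub(r";[^\n]*", "", text)                  # strip comments
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    owner = origin
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("$"):      # blank or directive
            continue
        if not line[0].isspace():                        # line names a new owner
            owner = fqdn(fields.pop(0), origin)
        while fields and fields[0].upper() not in TYPES:
            fields.pop(0)                                # skip TTL and class
        if fields:
            yield owner, fields[0].upper(), fields[1:]

def occluded_records(text, origin):
    """Return non-NS, non-glue records at or below a delegation point."""
    rrs = list(parse_zone(text, origin))
    cuts = {}                                            # cut name -> NS targets
    for owner, rrtype, rdata in rrs:
        if rrtype == "NS" and owner != origin:
            cuts.setdefault(owner, set()).add(fqdn(rdata[0], origin))
    return [(o, t, " ".join(d)) for o, t, d in rrs
            if t != "NS" and any(
                (o == cut or o.endswith("." + cut))       # at or below the cut
                and not (t in ("A", "AAAA") and o in ns)  # glue is allowed
                for cut, ns in cuts.items())]
```

Calling `occluded_records(SAMPLE_ZONE, "localdomain.")` reports only the `rbl.localdomain.` A record; the `rbldnsd` address record sits outside the delegated subtree and is not flagged.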


