Forwarding to two servers

Joseph S D Yao jsdy at tux.org
Fri Aug 6 02:54:44 UTC 2010


On Thu, Aug 05, 2010 at 06:03:34PM -0700, CLOSE Dave (DAE) wrote:
> My company has two internal name servers accessible to me. One (PUB) is 
> the usual Internet-facing server that can resolve most internal and all 
> public names. The other (PRIV) is a special purpose server that only 
> resolves names in a special private domain. If I list both servers in 
> resolv.conf, some names cannot be resolved. If PUB is listed first, 
> names in the special domain fail; if PRIV is listed first, all other 
> names fail.
> 
> It has been suggested that running a forwarding name server of my own 
> might provide a solution. I have tried that, but without success. The 
> BIND 9 Administrator Reference doesn't seem to address forwarding with 
> any relevant examples, so perhaps I'm not doing something right. Here's 
> what I have tried.
...


If you have two forwarders, as you listed, your server will try to
forward first to one and then to the other.  If it gets any answer at
all from one - even an error answer - it will not try the other.

There are many ways to try to cascade name servers and try them one at a
time.  By the good design of BIND, none of them work.


On your new server:

options {
	...
};

logging {
	...
};

zone "." {
	type hint;
	file "root.hints";
};

zone "private.example.com" {
	type forward;
	forward only;
	forwarders { private.domain.server.IP; };
};

and put the IP address for this name server and no other in your
/etc/resolv.conf.

For reliability, you might want to run two identical ones and put both
in /etc/resolv.conf.  If you have multiple locations, run at least one
at each enclave, possibly two.


--
/*********************************************************************\
**
** Joe Yao				jsdy at tux.org - Joseph S. D. Yao
**
\*********************************************************************/
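
Added example (not part of the original message, and not BIND code): a small Python model of why listing PUB and PRIV one after the other fails while a per-zone forward works. The server contents, addresses and function names are constructed for illustration; it assumes a server answers NXDOMAIN for names it does not know, and uses PUB as a stand-in for the new server's normal resolution path.

```python
# Constructed model: each server is a dict of name -> address (sample data).
NXDOMAIN = "NXDOMAIN"
PUB = {"www.example.org": "203.0.113.10", "intranet.example.com": "10.0.0.5"}
PRIV = {"db.private.example.com": "10.9.9.9"}
ZONES = {"private.example.com": PRIV}  # forward zone -> its only forwarder


def query(server, name):
    """One server's answer; an error answer is still an answer."""
    return server.get(name, NXDOMAIN)


def sequential(servers, name):
    """Try servers in order. As the message says, the first server that answers
    at all, even with an error, ends the search. None models an unreachable
    server, the only case that falls through to the next one."""
    for server in servers:
        if server is None:
            continue
        return query(server, name)
    return None


def forward_zone_for(name, zones):
    """Most specific forward zone that is a label-wise suffix of the name."""
    labels = name.rstrip(".").lower().split(".")
    best = None
    for zone in zones:
        zl = zone.rstrip(".").lower().split(".")
        if labels[-len(zl):] == zl and (best is None or len(zl) > best[0]):
            best = (len(zl), zone)
    return best[1] if best else None


def split_resolver(name, zones, default):
    """Per-zone forwarding: a name under a forward zone goes only to that
    zone's forwarder; every other name takes the default path."""
    zone = forward_zone_for(name, zones)
    return query(zones[zone] if zone else default, name)


if __name__ == "__main__":
    for n in ("db.private.example.com", "www.example.org"):
        print(n, sequential([PUB, PRIV], n), sequential([PRIV, PUB], n),
              split_resolver(n, ZONES, PUB))
```

Matching is done on whole labels, so a name such as notprivate.example.com is not sent to the private forwarder.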


