Forwarding to two servers

Sten Carlsen stenc at s-carlsen.dk
Fri Aug 6 19:00:44 UTC 2010



On 06/08/10 19:59, Kevin Darcy wrote:
> On 8/6/2010 1:05 PM, CLOSE Dave (DAE) wrote:
>> Joseph S D Yao wrote:
>>
>>   
>>> If you have two forwarders, as you listed, your server will try to
>>> forward first to one and then to the other.  If it gets any answer at
>>> all from one - even an error answer - it will not try the other.
>>>      
>> So forwarding works exactly the same as listing both servers in
>> resolv.conf? That behavior is exactly what I'm trying to avoid.
>>
>>   
>>> There are many ways to try to cascade name servers and try them one at a
>>> time.  By the good design of BIND, none of them work.
>>>      
>> If BIND won't do the job, can you suggest another server that will? I
>> can't be the only one wanting to do something like this.
>>
>>   
>>> On your new server:
>>>
>>> zone "." { type hint; file "root.hints"; };
>>> zone "private.example.com" { type forward; forward only;
>>>     forwarders { private.domain.server.IP; }; };
>>   
>>> and put the IP address for this name server and no other in your
>>> /etc/resolv.conf.
>>>      
>> Ah, that might work -- in other circumstances. I understand the basic
>> idea to be using separate zones to force forwarding to different servers
>> for different domains. Did I understand correctly?
>>
>> But an unfortunate characteristic of my PRIV server is that it doesn't
>> use /any/ domain. It only resolves simple, unqualified names like HOST1.
>> This was clearly a mistake in design (from before my time), but I have
>> no ability to change it (in the next five years, anyway).
>>    
> Ah, so you want to implement something new, but not willing to fix the
> old broken design which is incompatible with what you're trying to
> implement. Gotcha.
>
> The only halfway-reasonable way I see for you to work around this
> broken design is to define each of those "unqualified" names
> individually in your nameserver config, e.g.
>
> zone "HOST1" {
>     type master;
>     file "HOST1";
> };
>
> and hope they don't change too often.
I believe you could use forwarding to the internal server for each
individual name:

zone "HOST1" {
   type forward;
   // private.domain.server.IP stands for the internal server's address
   forwarders { private.domain.server.IP; };
};

This should do the trick, but it is not elegant and not easy. I would start
hinting to management that changes are needed as this is not manageable
in the long term. Think also about adding search domains to the hosts
that need these lookups.
>
> - Kevin

-- 
Best regards

Sten Carlsen

No improvements come from shouting:

       "MALE BOVINE MANURE!!!" 

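Added example, not part of the original message and not BIND's own tooling: a small Python generator for the per-name forward zones suggested in this thread, so the zone list can be regenerated from a host inventory instead of being edited by hand. It accepts only single DNS labels, so an inventory entry cannot inject statements into named.conf, and it emits "forward only;" (as in the quoted private.example.com zone) so that a forwarder outage does not make named fall back to asking the root servers about internal names. The function names, the sample inventory and the 192.0.2.53 address are assumptions.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphen; no leading/trailing hyphen; max 63.
LABEL_RE = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def forward_zone(name: str, forwarder: str) -> str:
    """Return one named.conf forward zone for a single unqualified name."""
    if not LABEL_RE.fullmatch(name):
        # Rejects dots, quotes, braces, semicolons and newlines, so nothing
        # can break out of the quoted zone name and add config statements.
        raise ValueError(f"not a single DNS label: {name!r}")
    ip = ipaddress.ip_address(forwarder)  # ValueError unless a literal IP
    return (
        f'zone "{name}" {{\n'
        f"    type forward;\n"
        f"    forward only;\n"  # never fall back to normal recursion
        f"    forwarders {{ {ip}; }};\n"
        f"}};\n"
    )


def render_zones(names, forwarder: str) -> str:
    """Render zones for all names, de-duplicated case-insensitively."""
    seen = set()
    out = []
    for raw in names:
        name = raw.strip()
        if not name or name.startswith("#"):
            continue  # skip blank lines and comments in the inventory
        key = name.lower()  # DNS names compare case-insensitively
        if key in seen:
            continue  # named refuses to load a zone defined twice
        seen.add(key)
        out.append(forward_zone(name, forwarder))
    return "\n".join(out)


if __name__ == "__main__":
    # Constructed inventory; 192.0.2.53 is a documentation-range address.
    sample = ["HOST1", "host1", "# legacy boxes", "HOST2", ""]
    print(render_zones(sample, "192.0.2.53"))
```

Write the output to a file pulled in with an include statement and run named-checkconf on the result before reloading named.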