DNSSEC, views & trusted keys...
Chris Buxton
chris.p.buxton at gmail.com
Sun Sep 12 02:41:17 UTC 2010
On Sep 11, 2010, at 2:34 AM, Phil Mayers wrote:
> On 09/10/2010 11:12 PM, Timothe Litt wrote:
>>
>> So it looks like the new (r-internal) view is starting at the root when it
>> resolves -- ignoring what it has data for locally. It sorta works for
>
> You'll need a:
>
> zone "name" {
> type forward;
> forward only;
> forwarders {
> ips;
> };
> };
>
> It won't automatically detect that another view contains the zone and redirect it; you have to tell it.
Use a stub zone instead of a forward zone, so that the query will actually reach the authoritative view. With a forward zone, the query is recursive, so will be picked up by the recursive view - the view will query itself and not receive an answer.
zone "zone.name" {
type stub;
file "/path/to/recursive-view-data/zone.name";
masters { 127.0.0.1; }; // or whatever the correct IP is to reach the internal view
};
Chris Buxton
BlueCat Networks
More information about the bind-users
mailing list