Forward only zones.

Kevin Darcy kcd at chrysler.com
Mon Jul 25 21:48:43 UTC 2011


On 7/24/2011 2:15 AM, Vbvbrj wrote:
> options {
> allow-transfer { none; };
> recursion yes;
> forward first;
> forwarders { a.b.c.d; };  // Forward to providers dns.
> };
> zone "my_domain.com" IN {
>     type forward;
>     forward only;
>     forwarders { a.b.c.d; }; // Forward to Windows DNS.
> };
>
> I would like BIND to respond to local LAN like this: All queries for 
> local domain my_domain.com to be forwarded to local Microsoft DNS to 
> serve Active Directory. Other queries to sites to forward to external 
> dns servers.
>
> But BIND does not forward everything to Microsoft DNS. I want BIND 
> to forward every query and return the answer, without any caching, so 
> that record updating, adding or deleting will always be up-to-date. 
> When I try this configuration, BIND is not forwarding every query. 
Correct. That's the distinction which is typically made between a DNS 
*forwarder* (which caches) and a DNS *proxy* (which doesn't). As far as 
I know, BIND cannot be configured to be a DNS proxy.
> It answers from its cache, which may be out of date.

This is tunable via the TTL values on the relevant RRsets. Consult the 
manual of your authoritative DNS server software, for details.
> Also, records are not always updated when adding or removing computers 
> from the domain.
Either a) you're just restating the previous problem (answers might be 
from cached data) or b) this is a data-consistency or "lag" problem 
between various components in Microsoft-land -- BIND cannot fix that.

                                                                         
                                                                         
                                                         - Kevin
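
Added example (not part of the message above, and not BIND code): a toy Python model of the forwarder-versus-proxy distinction drawn in the reply, showing that the window in which a changed record is answered stale is bounded by the TTL set on the authoritative server. The class names, host name and addresses are constructed for illustration.

```python
# Toy model only: hypothetical classes, not BIND or Windows DNS behaviour in detail.

class Authoritative:
    """Stands in for the server that owns the zone and sets the TTL."""
    def __init__(self, ttl):
        self.ttl = ttl
        self.records = {}

    def query(self, name):
        # Returns (address, ttl); address is None for a missing name.
        return self.records.get(name), self.ttl


class Proxy:
    """Relays every query upstream and keeps no state."""
    def __init__(self, upstream):
        self.upstream = upstream

    def resolve(self, name, now):
        return self.upstream.query(name)[0]


class Forwarder:
    """Relays on a cache miss, then answers from cache until the TTL expires."""
    def __init__(self, upstream):
        self.upstream = upstream
        self.cache = {}  # name -> (address, expiry time in seconds)

    def resolve(self, name, now):
        hit = self.cache.get(name)
        if hit and now < hit[1]:
            return hit[0]
        addr, ttl = self.upstream.query(name)
        self.cache[name] = (addr, now + ttl)
        return addr


def stale_window(ttl, change_at=10, horizon=7200):
    """Seconds during which the forwarder still serves the old address after
    the record changes at t=change_at (clients query once per second from t=0)."""
    name = "pc1.my_domain.com"              # constructed sample host
    auth = Authoritative(ttl)
    auth.records[name] = "192.0.2.10"       # constructed sample address
    fwd, proxy = Forwarder(auth), Proxy(auth)
    stale = 0
    for now in range(horizon):
        if now == change_at:
            auth.records[name] = "192.0.2.20"
        if fwd.resolve(name, now) != proxy.resolve(name, now):
            stale += 1
    return stale
```
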




