Forward only zones.

Mark Andrews marka at isc.org
Mon Jul 25 22:28:43 UTC 2011 

In message <4E2DE4BB.6050702 at chrysler.com>, Kevin Darcy writes:
> On 7/24/2011 2:15 AM, Vbvbrj wrote:
> > options {
> > allow-transfer { none; };
> > recursion yes;
> > forward first;
> > forwarders { a.b.c.d; };  // Forward to providers dns.
> > };
> > zone "my_domain.com" IN {
> >     type forward;
> >     forward only;
> >     forwarders { a.b.c.d; }; // Forward to Windows DNS.
> > };
> >
> > I would like BIND to respond to local LAN like this: All queries for 
> > local domain my_domain.com to be forwarded to local Microsoft DNS to 
> > server Acrive Directory. Other queries to sites to forward to external 
> > dns servers.
> >
> > But BIND does not forward everything to microsoft dns. I want that 
> > BIND forward every query and return answer, without any caching so 
> > that record updating, adding or deleting will be always up-to-date. 
> > When I try this configuration, BIND not forwarding every query. 
> Correct. That's the distinction which is typically made between a DNS 
> *forwarder* (which caches) and a DNS *proxy* (which doesn't). As far as 
> I know, BIND cannot be configured to be a DNS proxy.
> > Answers from its cache, that may be out of date.
> 
> This is tunable via the TTL values on the relevant RRsets. Consult the 
> manual of your authoritative DNS server software, for details.
> > Also, records not always are update when adding or removing computers 
> > from domain.
> Either a) you're just restating the previous problem (answers might be 
> from cached data) or b) this is a data-consistency or "lag" problem 
> between various components in Microsoft-land -- BIND cannot fix that.

If one needs a server to be always current then the server needs to
serve the zone.  It should then receive NOTIFY messages about changes
and it can update itself.
 
>                                                          - Kevin
> 
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list