Help for

Spain, Dr. Jeffry A. spainj at countryday.net
Tue May 8 13:52:06 UTC 2012


> 1. In down level Windows, everything is OK.
> 2. In upper level dns(bind), ns record, and A record of nameserver is fine.
> 3. But A record in Windows Server cannot be resolved by upper level BIND.
> I think maybe I have to do something in my windows server to "connect" windows with linux bind?

If you configured your Windows DNS server as a slave authoritative server to your BIND master, then I would not expect that an A record added to the slave would be reflected in the master. If it is your intention to continue to do zone updates on the Windows DNS server, then make it the master and the BIND server the slave. If you are operating a Windows Active Directory domain environment, then dynamic updates to your Windows DNS zones are going to happen frequently.

In Windows DNS you would do this configuration on the General tab of the zone properties page. Set the zone type to Primary and make it Active-Directory integrated if you are running it on a domain controller. Then on the Zone Transfers tab, configure it to allow transfers only to servers listed on the Name Servers tab and also configure it to automatically Notify the servers on the Name Servers tab.

Note also that Windows DNS servers by default are configured as recursive resolvers as well as authoritative servers for any zones you set up on them. Operating these two functions on the same server is not recommended for security reasons. You can mitigate this by setting up one or more BIND servers as recursive resolvers and configuring the Windows DNS server to use them as forwarders. You should then uncheck the box "Use root hints if no forwarders are available" on the Forwarders tab of the DNS server properties page.

There is a lot of information about this on Microsoft TechNet, as a little Google searching will reveal.

Regards, Jeff.

Jeffry A. Spain
Network Administrator
Cincinnati Country Day School
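
The GUI steps in the message above (primary zone, restricted transfers with notify, forwarders without root-hint fallback), scripted as an added example that is not part of the original message. It assumes the DnsServer PowerShell module (Windows Server 2012 or later) and an elevated session on the DNS server; the zone name and resolver addresses are placeholders, and the BIND slave is assumed to be listed already on the Name Servers tab.

```powershell
# Added example, not from the original thread. Placeholders: $ZoneName, $Resolvers.
Import-Module DnsServer

$ZoneName  = 'example.com'                 # placeholder zone name
$Resolvers = '192.0.2.53', '192.0.2.54'    # placeholder BIND recursive resolvers

# General tab: make this server the primary. On a domain controller
# (DomainRole 4 or 5) store the zone in Active Directory, otherwise keep a zone file.
$zone = Get-DnsServerZone -Name $ZoneName
if ($zone.ZoneType -ne 'Primary') {
    $isDC = (Get-CimInstance Win32_ComputerSystem).DomainRole -ge 4
    if ($isDC) {
        ConvertTo-DnsServerPrimaryZone -Name $ZoneName -ReplicationScope Domain -Force
    } else {
        ConvertTo-DnsServerPrimaryZone -Name $ZoneName -ZoneFile "$ZoneName.dns" -Force
    }
}

# Zone Transfers tab: allow transfers only to servers on the Name Servers tab
# and send NOTIFY to those same servers.
Set-DnsServerPrimaryZone -Name $ZoneName `
    -SecureSecondaries TransferToZoneNameServer `
    -Notify Notify

# Forwarders tab: hand recursion to the BIND resolvers and disable
# "Use root hints if no forwarders are available".
Set-DnsServerForwarder -IPAddress $Resolvers -UseRootHint $false

# Read the settings back so drift is visible after later changes.
$zone = Get-DnsServerZone -Name $ZoneName
$fwd  = Get-DnsServerForwarder
$checks = [ordered]@{
    'Zone type is Primary'                   = $zone.ZoneType -eq 'Primary'
    'Transfers limited to Name Servers tab'  = $zone.SecureSecondaries -eq 'TransferToZoneNameServer'
    'Notify enabled for listed name servers' = $zone.Notify -eq 'Notify'
    'Forwarders configured'                  = @($fwd.IPAddress).Count -gt 0
    'Root hint fallback disabled'            = -not $fwd.UseRootHint
}
foreach ($c in $checks.GetEnumerator()) {
    '{0,-42} {1}' -f $c.Key, $(if ($c.Value) { 'OK' } else { 'CHECK' })
}
```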


