Help on NXDOMAIN to try next forwarder in the list
sumsum 2000
sum2hike at gmail.com
Fri May 31 11:11:25 UTC 2013
Hi,
The google DNS server was only examples.. it can be some internal DNS
servers and external DNS servers. For eg 10.10.10.10; 120.10.13.12 etc.
where the DNS requests are being forwarded to..
There are issues with connectivity where the DNS entries are not synced up.
And these entries are all specific to say "mycompany.com" where the DNS
are residing in several locations..
So when my local DNS is returning NXDOMAIN, the other locations which might
have the entries are not tried.
the example mytestdomain101.mycompany.com is an example where my list is
10.10.10.10; 120.10.13.12 for example.. i try 10.10.10.10 - NXDOMAIN
returned.. i want to try 120.10.13.12 before sending NXDOMAIN to my initial
request.
I hope this helps.
Thanks
On Fri, May 31, 2013 at 1:05 PM, Matus UHLAR - fantomas
<uhlar at fantomas.sk>wrote:
> On 30.05.13 12:56, sumsum 2000 wrote:
>
>> I have zone forwarders as follows with BIND9 setup with forward only
>> option
>> on a Non Authoritative DNS server
>>
>> zone "mytestdomain101.com" IN {
>> type forward;
>> forwarders {8.8.8.8;4.2.2.1;8.8.4.4};
>> forward only;
>> };
>>
>
> On 30.05.13 15:00, sumsum 2000 wrote:
>
>> This is a non-standard behavior and I would like to have the following:
>> In the case where I am working on,
>> /etc/resolv.conf contains localhost 127.0.0.1 and BIND is listening on
>> localhost port 53 as non-authoritative DNS
>>
>> So all the requests are sent through 127.0.0.1 and based on the domain
>> they
>> are in forward only mode.
>>
>
> There is no point in forwarding just one domain to google recursive
> servers. Either forward ALL domains there (but in such case you could
> simply avoid
> local BIND and point resolv.conf to google), or point the domain directly
> to
> its servers instead of google.
>
> Since BIND 9.8 and you can do it by using "type static-stub" instead of
> type
> forward and use server-addresses instead of forwarders.
>
>
> There are specific domains for eg mygeo1.mycompany.com. There are
>> specific
>> authoritative DNS servers which contain this record.
>>
>
> If you are trying to say that some of authoritative servers for a domain do
> know about one record and others do not know, then the servers and the
> domain are broken and they need to be fixed.
>
>
> mygeo1.mycompany.com is forwarded to myDNS1.mycompany.com,
>> myDNS2.mycompany.com, myDNS3.mycompany.com which are specific
>> authoritative
>> DNS servers to mycompany.com But administrator does not know which one
>> has
>> it
>>
>
> So, is that mytestdomain101.com or mycompany.com or mygeo1.mycompany.com?
> It would be easier to look at the problem if you provided us correct data.
>
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> 42.7 percent of all statistics are made up on the spot.
> ______________________________**_________________
>
> Please visit https://lists.isc.org/mailman/**listinfo/bind-users<https://lists.isc.org/mailman/listinfo/bind-users>to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/**listinfo/bind-users<https://lists.isc.org/mailman/listinfo/bind-users>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20130531/84bba520/attachment-0001.html>
More information about the bind-users
mailing list