zone delegation/forwarding in a non-recursive view
Barry Margolin
barmar at alum.mit.edu
Fri Oct 25 18:34:20 UTC 2013
In article <mailman.1563.1382698019.20661.bind-users at lists.isc.org>,
Yiorgos Stamoulis <yiorgos-lists at stamoulis.eu> wrote:
> Hi,
>
> I have authoritative dns system (1 master bind-9.8.2 & 2 slaves
> bind-9.8.2 & bind-9.3.6) with several zones and two views.
>
> The internal view allows recursion and the external not.
>
> I now have the requirement to delegate/forward a zone to an external
> nameserver.
>
> This works OK for the internal view, but fails for the external as
> recursion is not allowed.
>
> Is it possible to do this? how?
Forwarding is a modification of recursion -- it tells the server
"Instead of querying the servers in the NS records, query these specific
servers." But if you're not recursing (either because recursion is
disabled, or because the client didn't request it), you won't forward.
Authoritative servers usually don't get requests with the Recursion
Desired flag -- external caching servers usually do iterative queries. I
don't understand why this is a problem for you, though. You said you're
delegating to an external nameserver, so when you return the referral
they should be able to go there by themselves.
--
Barry Margolin
Arlington, MA
More information about the bind-users
mailing list